.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Register
 
Win Surprise Gifts!!!
Congratulations!!!


Top 5 Contributors of the Month
Easy Web
Imran Ghani
Post New Web Links

WCF Service to WSE Client - Certificate authentication over SSL

Posted By:      Posted Date: October 18, 2010    Points: 0   Category :WCF
 
I am trying to access a WCF service with a WSE 3.0 client over SSL using certificate authentication.  I can do it over an unsecured channel using a customBinding on the service side using the MutualCertificate authentication mode and the turnkey policy assertion mutualCertificate11Security on the client side.  This breaks when I move it to a production environment accessible only by SSL and either (1) change nothing in the server config file--connection gets refused because it is not https--or by (2) changing the server custom binding to CertificateOverTransport--client errors with this:  System.InvalidOperationException: Security requirements are not satisfied because the security header is not present in the incoming message.

My question is simply, how do I access a WCF service over SSL using certificate authentication?

Thanks,
Chris





View Complete Post


More Related Resource Links

Looking for a simple Service and Console Client REST sample implementing BASIC authentication

  

Does anyone know of a C# code sample demonstrating WCF REST services and console test client with OperationContracts (GET and POST) implementing mutiple paramaters using BASIC authentication? Also, perhaps, using Fiddler as a test client as well? I have searched high and low for something like this, but have not had any success.


SharePoint - Report Server - Client Certificate authentication

  
Hi,I have a SharePoint site collection which requires client certificates. On the server I have configured Reporting Services in integration mode.I can call reports on other site collections which don't require client certificates but not on the site which does. On the site which requires client certificates the pages fail with the following error message:'An unexpected error occurred while connecting to the report server. Verify that the report server is available and configured for SharePoint integrated mode. --> The request failed with HTTP status 403: forbidden'The error message indicates that SharePoint doesn't call the web service with a client certificate. Does anyone know how I can configure SharePoint to use a client certificate?Any help is greatly appreciated.Adam

WCF Service using SSL and Certificate Authentication.

  
Hi All,     I have a WCF service and want to use Transport Security and Certificate for Client Authentication.   When I am tryting to connect to service , I am getting the following error:   The SSL settings for the service 'None' does not match those of the IIS 'Ssl, SslNegotiateCert, SslRequireCert'.     I have configured the IIS to use SSL. Given below is the  configuration section for WCF service at server end:   <system.serviceModel> <services> <service name="HelloWorld.Service1" behaviorConfiguration="ServiceBehavior" > <!-- Service Endpoints --> <endpoint address="https://localhost/SecureHelloWorld/Service.svc/ws" binding="wsHttpBinding" bindingConfiguration="TransportSecurity" contract="HelloWorld.IService1"> <identity> <dns value="localhost"/> </identity> </endpoint> <endpoint address=https://localhost/SecureHelloWorld/Service.svc/mex binding="mexHttpsBinding" contract="IMetadataExchange"/> </service> </services> <behaviors> <serviceBehaviors> <behavior name="ServiceBehavior"> <serviceCredentials> <serviceCertificate findValue="XXXXXXXXXXXXXX" x509FindType="FindByThumbprint" storeLocation="LocalMachine" storeName="My" /> <

troubleshooting client certificate authentication issues

  

hi,

i am using self created certs for client authentication. for one of the cert it works fine but ith another cert it does work. i get an error, can't rer connect to server.

is there any way/tool to troubleshoot cert issue?

Regards


singhhome

Receive Client Certificate in Web Service

  

I'm trying to receive a Client Certificate in a Web Service and having some problems.

Client      

Dim cert As X509Certificate = X509Certificate.CreateFromCertFile("C:\cert.cer")
_ws.ClientCertificates.Add(cert)
Dim hw As String = _ws.HelloWorld

The certificate seems to be correclty loading and added to the client.

The client connects to the server with HTTPS.

Server:

 <WebMethod()> _
    Public Function HelloWorld() As String
        Dim cert As HttpClientCertificate = Me.Context.Request.ClientCertificate
        Return "Hello World"
    End Function

cert.IsPresent is false and all certificate fields are empty.

IIS is configured to Accept Client Certificates.

Reproduced in two environments:

- Windows 7 x64, IIS 7, VS 2008, .NET 3.5

- XP x86, IIS 5, VS 2008, .NET 3.5

Always in the Web Service the Client Certificate is not proesent. I haven't been able to find any other configuration I should do. Can anyone help?

Thanks

Steve


how to catch certificate authentication and authorization errors in client

  

How can i know at client side that my request to wcf service(with certificate authentication over nettcp) has failed because of authentication or authorization.

i think authentication can fail if the certificate is not a valid certificate(ie date has expired). For authorization i have implemented ServcieAuthorizationmanger and returning true/false. how wcf will transfer this to authrization error.

Regards


singhhome

c# .NET 3.5 Web Service with Client Certificate

  

Hi,

I'm creating a Web application to consume a third party Web service. The third party has provided me a Security Certificate and I can use it to see their WSDL in Browser successfully.

I've created a Unit Test to consume the web service with the client certificate and it works fine.

I've also create a Console application to consume the web service, and again it works fine.

The problem is, I created a Web application (ASP .NET in IIS) to consume the web service, and it fails. The party said I didn't send the Client Certificate in the Web Service call. But the code I use is the same as the one running in the Unit Test and Console application.

Background: The Web Application has impersonate="true" and we are using Integrated Windows Authentication. Also we have a Web Proxy in our company to go out to internet.

Below is the code I'm using. I believe the code is fine as it works in some cases except in ASP .NET (IIS). 

========================================================================================

this.BuySideService = new FXBuySideServiceV1();

// preserve cookies for auth info (SMSESSION)
this.BuySideService.CookieContainer = new System.Net.CookieContainer();

// basic authentication
this.BuySideService.Credentials = new System.

SharePoint 2010 & Client Certificate Authentication

  

Hi,

we have upgraded our WSS 3.2 installation to Sharepoint Foundation 2010 and have trouble with authentication over client certificates (works perfect with WSS 3.2).

You can reproduce this with a fresh install of SharePoint Foundation 2010 on Windows Server 2008 R2. Create an application and set in IIS authentication to Client Certificates. Then create a site with one document library and upload at least two documents. Then check all items in list view and try to delete this documents over delete-button in ribbon (not over context menu). At this point i get a javascript error:

Message: Object expected
Line: 2
Char: 20732
Code: 0
URI: https://XXXX/_layouts/inplview.js?rev=AohvE9XEf%2FI78tuaw1TGAA%3D%3D

I found following HTTP 500 error in IIS-Log:

2010-05-21 13:20:01 192.168.1.86 POST /_vti_bin/client.svc/ProcessQuery - 443 XXXX\XXX 192.168.XXX.XXX Mozilla/4.0+(compatible;+MSIE+8.0;+Windows+NT+6.1;+WOW64;+Trident/4.0;+SLCC2;+.NET+CLR+2.0.50727;+.NET+CLR+3.5.30729;+.NET+CLR+3.0.30729;+InfoPath.2;+.NET4.0C;+.NET4.0E) 500 0 0 188

If i switch authentication in IIS to Windows Authentication i get no error (HTTP Status Code = 200).

C# ASP .NET 3.5 IIS Web Service with Client Certificate

  

Hi,

I'm creating a Web application to consume a third party Web Service. The third party provide me a Security Certificate and I can get their wsdl successfuly in the browser by using it.

Before I start, I created a Unit Test to consume the web service with the certificate provided, and it works fine.

I've also create a Console application to consume the web service (same code), and again it works fine.

The problem is, I created a Web application (ASP .NET 2.0 in IIS) but it fails. The thrid party said I didn't add the client certificate in the Web service call. But I'm using the same code as the Unit Test and the Console application I developed.

Background: The web application has impersonate="true" and we are using Integrated Windows Authentication. We have a Web proxy in our company and we need go go through it to Internet.

The code I use is below, I believe the code is fine as it works in Unit Test and in the Console app.

======================================================================================

this.BuySideService = new FXBuySideServiceV1();

// preserve cookies for auth info (SMSESSION)
this.BuySideService.CookieContainer = new System.Net.CookieContainer();

// basic authentication
this.BuySideService.Credentials = new System.Net.NetworkCredential(this.LoginUsername,

create proxy client with SvcUtil from service using https+cert authentication

  

Hi all,

I have build two web services one is wcf hosted in iis and the other one is java web service (jax-ws ri) hsted on tomcat. Both of the services uses https and certificate authentication.The certificates are valid and when I check the wsdl's from the browser I can see them without any warning.

So I want to create a wcf client for the services with svcutil. I have created the necessary config file for svcutil (svcutil.exe.config).

When I try to create the proxy files for the java service (svcutil http://JavaServiceIpAddress/service?wsdl) I receive

"metadata contains a reference that cannot be resolved .

<Fault xmlns="http://schemas.xmlsoap.org/soap/envelope/" >
   <faultcode xmlns:a="http://www.w3.org/2003/05/soap-envelope" xmlns="">a:Client</faultcode>
   <faultstring xmlns="">Cannot find dispatch method for {}</faultstring>
</:Fault>


the request was aborted: Could not create ssl/tls secure channel"

 

When I execute svcutil http://WcfServiceIpAddress/service.svc the proxy and configs file are created smoothly. When I try svcutil http://WcfServiceIpAddress/service.svc?wsdl

"error: cannot obtain metadata from http://WcfServiceIpAddress/service.svc?wsdl

....

ASMX Web Service using Forms Authentication, how to Authenticate into it using WCF Client?

  

Hello All, a third party vendor is offering our company a ASMX Web Service which uses Forms Authentication and it's also secured using SSL.

Our Platform is .NET 3.51/WCF/C#. How should I Authenticate my Client into that kind of ASMX Web Service?

Can anyone point any article with sample code or an example how a Client can Authenticate into such ASMX Web Service,

Thanks in advance

Mick


Problem to obtain client IP on web service

  

Friends,

I'm having problems to obtain the client IP on web service. Here's my scenario:

One server with Windows 2003, hosting the web service using .Net Framework 2.0, with IP 10.0.2.50 and host name ServerTransaction.
Other server with Windows 2003, hosting a web application using .Net Framework 2.0, that consuming the web service on  ServerTransaction, with IP 10.0.2.51 and host name ServerApplication.
Many other computers on the local network (IPs: 10.0.2.80, 10.0.2.81, 10.0.2.82, ...) acessing the web application on ServerApplication.

On the code of the web service I've tried to use HttpContext.Current.Request.UserHostAddress or HttpContext.Current.Request.ServerVariables("REMOTE_ADDR") or HttpContext.Current.Request.ServerVariables("HTTP_X_FORWARDED_FORR"), but always I can only get the IP of ServerApplication (10.0.2.51).

Any idea or tip?


Thanks and sorry for my bad english.


Smart Client: Building Distributed Apps with NHibernate and Rhino Service Bus, Part 2

  

Smart client applications are responsive and promote interactivity with the user. In this article, we continue building a smart client application using NHibernate for data access and Rhino Service Bus for reliable communication with the server.

Oren Eini

MSDN Magazine August 2010


Smart Client: Building Distributed Apps with NHibernate and Rhino Service Bus

  

Smart client applications are responsive and promote interactivity with the user. In this article, we start the processes of planning and building a smart client application using NHibernate for data access and Rhino Service Bus for reliable communication with the server.

Oren Eini

MSDN Magazine July 2010


Extreme ASP.NET: Client-Side Web Service Calls with AJAX Extensions

  

Microsoft AJAX Library and the ASP.NET 2.0 AJAX Extensions provide a number of compelling features ranging from client-side data binding, to DHTML animations and behaviors. Learn all about them here.

Fritz Onion

MSDN Magazine January 2007


Web Security: Part 2: Introducing the Web Application Manager, Client Authentication Options, and Pr

  

This article, the second of two parts, continues coverage of Web security for Windows. It introduces the Web Application Manager in IIS that allows Web processes to be isolated, decreasing the security risk associated with running in a logon session. The article then picks up where Part One left off-it discusses authentication methods such as basic authentication, digest authentication, integrated Windows authentication, and anonymous logons, and the benefits and drawbacks of each.

Keith Brown

MSDN Magazine July 2000


sslstream client certificate validation error

  
Hi,I have taken server and client program from MSDN2 for sslstream. in that code client certifiacte authetication is made false  i want to enable that and do the code i have done some modification to the code but is giving error "RemoteCertificateNotAvailable" and i think that its not getting the client certificate at server side.So please can any one help me to do client server program using sslstream in which client certificate also needs to be validated.I am attaching my modified code of MSDN2Server sideusing System;using System.Collections;using System.Net;using System.Net.Sockets;using System.Net.Security;using System.Security.Authentication;using System.Text;using System.Security.Cryptography.X509Certificates;using System.IO;namespace Examples.System.Net{    public sealed class SslTcpServer     {        static X509Certificate serverCertificate = null;        // The certificate parameter specifies the name of the file         // containing the machine certificate.        // The following method is invoked by the RemoteCertificateValidationDelegate.        public static bool ValidateClientCertificate(              object sender,              X509Certificate certificate,              X509Chain chain,              SslPolicyErrors sslPolicyErrors)        {            SslPolicyErrors errors = sslPolicyErrors;            if (errors != SslPolicyErrors.None)            {
Categories: 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend