.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Is it possible to dissable the Verification of Certificates?

Posted By:      Posted Date: May 22, 2011    Points: 0   Category :SharePoint

If I use "Add Service Reference..." in Visual Studio 2010 to add WCF Service I become


"Could not establish trust relationship for the SSL/TLS secure channel with authority xxxx"


Is there any opportunity to turn this verification off?

View Complete Post

More Related Resource Links

Secure Sockets Layer: Protect Your E-Commerce Web Site with SSL and Digital Certificates


Security is one of the most important factors in the future growth of e-businesses. Making sure that communications remain secure between customers and the Web server is a critical issue. Secure Sockets Layer (SSL) is the standard that secure Web sites are built upon today. This article presents an overview of SSL-based Web security, explaining such fundamental concepts as digital certificates and their distribution, encryption, and the proper configuration of Microsoft Internet Information Services (IIS). Acquiring a certificate, installing it, and configuring IIS for SSL are outlined in a step-by-step process.

John Papa

MSDN Magazine April 2001

Digital Signatures Verification Error


Hey all;


Not 100% sure this is a sharepoint problem, but maybe someone can help.  I am installing a digital signature block that is being made available on a browser form.  The sig is working, but I can not get a valid signature on the form.  I am told there is a Digital Signatures Verification Error. 


Reading other posts tells me that I have to have my signature cert in the trusted Root authority of the sharepoint server.  Here is the rub..


When I use certificate manager, I s

SQL Server 2008 R2 Express + Wildcard Certificates

Note: Cross-posted from my question at ServerFault: http://serverfault.com/questions/176595/sql-server-2008-r2-express-wildcard-ssl-certificate (Not trying to be a jerk, just think I might get a better response here.) --- Wildcard certificates (for example, *.example.com) simply did not work in SQL Server 2008 or lower. But Encrypting Connections to SQL Server on MSDN states, plain as day, that SQL Server 2008 R2 supports wildcards certificates. Excellent. So I set up SQL Server 2008 R2 Express on a machine, and I configure the HKLM\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL10_50.SQLEXPRESS\MSSQLServer\SuperSocketNetLib\Certificate entry to the thumbprint of my wildcard SSL certificate (because in five years of dealing with SQL server, I have never gotten that #$@# dialog in Sql Server Configuration to display any certificates). The SQL Server log then tells me that this went over quite well: 2010-08-31 11:46:04.04 Server The certificate [Cert Hash(sha1) "5DDD9E51B30E0CA6CE3656AE54EC6D0B8B75904A"] was successfully loaded for encryption. Unfortunately, if I attempt to use Microsoft SQL Server Management Studio (the 2008 R2 version) or the Sql* classes provided in the .NET Framework 4.0, I always receive the following exception: A connection was successfully established with the server, but then an error occurred during the pre-login handshake. (provider: SSL

Using ONLY User Certificates for SharePoint 2010 Authentication/Authorization

  Hello, I am relatively new to SharePoint, and was wondering how I can accomplish using only user certificates to authenticate (and eventually authorize) access to the SharePoint 2010 Server (not just IIS). My Environment currently looks like this:  - SharePoint is SSL-enabled - User Browser Certificates (generated using OpenSSL) successfully authenticate to the IIS Server - SharePoint uses Basic Authentication (user/password based on AD credentials) I need to: - Authenticate the user to SharePoint using the User Certificate from my browser (in other words, no password authentication to access the SharePoint website, but use the certificate that was used by iis to be able to log into SharePoint) I am assuming I must use some sort of claims-based authentication.  Ideally, I would like to use ONLY the certification itself as a source of Authorized Repository for authentication. However, I am also open to having the user certificate be linked to Active Directory users as well.  I have done some research on this but am still lost as to how to approach this problem. Is there anyone that has done this or can assist me in getting this to work? Any help would be greatly appreciated. Thanks!  

.NET Framework 4 installs, but .NET4 Applications won't run and verification fails

I have the same problem described in following thread: http://social.msdn.microsoft.com/Forums/en/netfxsetup/thread/d8601382-83a4-4039-a71b-3b68dcdc6e26 I'm running Windows 7 x64 Ultimate I installed the .NET Framework 4 Client Profile and even tried installing the FULL/Extended edition the install appears to go in just fine, no errors or anything. Once I try to run a program it fails to work, I tried to verify my .NET4 installation using this tool... http://blogs.msdn.com/b/astebner/archive/2008/10/13/8999004.aspx It ALWAYS fails the verification no matter how many times I uninstall/clean up and reinstall... Here is a snippet from the verifier log... .....[07/22/10,17:35:35] Section [Registry - .NET Framework 4 Full (Wow6432Node)] - stop parsing entries [07/22/10,17:35:35] Processing custom action 'Custom Action - .NET Framework 4.0 test application' [07/22/10,17:35:35] ExecutablePath = 'Netfx40TestApplication.exe' [07/22/10,17:35:35] FriendlyName = '.NET Framework 4 test application' [07/22/10,17:35:35] TimeoutSeconds = '300' [07/22/10,17:35:35] WaitOnExit = 'true' [07/22/10,17:35:35] Silent = 'true' [07/22/10,17:35:35] Launching process 'Netfx40TestApplication.exe' now [07/22/10,17:35:35] Process successfully launched. Waiting 300 seconds for it to complete. [07/22/10,17:35:35] ****ERROR**** Process 'Netfx40TestApplication.exe' exited with return

Verification of signature "revocation server was offline"

Hi, I have to verify a (detached) signature from a third party. I am using System.Security.Cryptography.Pkcs.SignedCMS (VS2008) to validate the Signature. The verification of the data works fine. But when I try to verify the used certificates I always get that the intermediate certificate is not valid. The ChainStatus returns RevocationStatusUnknown (UnknownError) and OfflineRevocation (UnknownError) even if I set the RevocationMode to NoCheck on the chain. Dim byteData() As Byte = IO.File.ReadAllBytes(DataFile.FullName) Dim byteSignature() As Byte = IO.File.ReadAllBytes(SignatureFile.FullName) Dim ciData As New Pkcs.ContentInfo(New Oid("data"), byteData) Dim Verifier As New Pkcs.SignedCms(ciData, True) Try Verifier.Decode(byteSignature) Verifier.CheckSignature(True) Catch crex As CryptographicException ' Signature is not valid Catch ex As Exception ' Verification failed End Try For Each SignatureCertificate As X509Certificates.X509Certificate2 In Verifier.Certificates Dim certChain As New X509Certificates.X509Chain(True) certChain.Build(SignatureCertificate) ' Build the certificate chain from the signers certificate certChain.ChainPolicy.RevocationMode = X509Certificates.X509RevocationMode.NoCheck For Each certElement As X509Certificates.X509ChainElement In certChain.ChainElements If Not certElement.Certificate.Verify() Then ' Cert

Security Context Token verification failed. (The security protocol cannot verify the incoming messag

Hello, I would like implement Message Lever security with username/password authentication on HTTP. My environment looks something like this.  Server Side - Message lever security is configured on service.           <security mode="Message">             <message clientCredentialType="UserName" negotiateServiceCredential="True"/>           </security> - CA and self signed certificates are created on server and configured. ServiceCredentials are looks like this <serviceCredentials> <serviceCertificate findValue="CertForIdm" storeLocation="LocalMachine" storeName="My" x509FindType="FindByIssuerName" /> <userNameAuthentication userNamePasswordValidationMode="MembershipProvider" membershipProviderName="IfMembershipProvider" /> </serviceCredentials> Client Side (References are generated by VS) - Binding configuration                 <binding name="WSHttpBinding_IWaypoint2" closeTimeout="00:11:00"                     openTimeout="00:11:00" receiveTimeout="00:10:00" sendTimeout="00:11:00"  &nb

Certificates in WCF

I have to set up some services in WCF based on certificates authentication. I create a service (MyService1) with self signed certificate for service and client. What i want to know is "whether i should create a service per service or use the same service and client certificate for all my services". I understanding is that if I use the same certificate then all my client can use the same service to access all services data. Is this right? Should I create a service and client certificate per service I host? Thanks in advance.  

WCF Message Security using Certificates

I am new to wfc programming and trying to understand security aspects ('message' using certificates). I am using windows 7 and visual studio 2010. I have a few questions about how I have implemented wfc. I have a win forms app that will talk over the web to a wfc service. I need to make sure the message is encrypted enroute. This is an admin application and will be used only by me. I created certificates on my Dev machine and edited the web.config and app.config. This works. The problem is when I right click the service reference and select update service refernce, the app.config is overwritten. The identity element is removed and behior ref is removed  and now the app will not connect to the service any more. I am including my web.config and app.config (before and after updating svc ref) below. Please advice me on what I am doing wrong. Also please let me know if this is the right way to do it. While creating the certificates I wasnt prompted for any passwords, not sure why. Can I use this type of certificate eventually when I go live ? what are the risk if this is not advisable ? Thanks in advance for you help. certificate creation and installation //server makecert.exe -sr CurrentUser -ss My -a sha1 -n CN=TradeService -sky exchange -pe certmgr.exe -add -r CurrentUser -s My -c -n TradeService -r CurrentUser -s TrustedPeople    //client makecert.exe -sr Cu

SSL Certificates and Naming

Hello, I have a server that I will call machine01 (specified in -> my computer | properties | name tab).  I refer to this machine as machine01.mydomain.com using a DNS service externally and internally.  I use this full name machine01.mydomain.com to connect to SQL Server.  I wanted to setup an SSL connection and purchased a certificate with the common name = machine01.mydomain.com and have been trying to get it to work for several days.  For everything I try, I can't get the certificate to show up in the drop down in SQL Server Configuration Manager | Protocols for MSSQLSERVER | Properties | Certificate Tab | Certificate.  Is my issue that I should have used machine01 as my common name in my SSL request?  If it is, can I get a certificate assigned to just machine01 and it will work with remote SQL Server connections to machine01.mydomain.com?  Is there a way to make a machine01.mydomain.com certificate work?  Hopefully someone out there has dealt with this before and can give me some much needed advice.  I have read some posts online that kind of talk about this issue, but I haven't seen a real definitive answer or solution that has worked for me.  Thank you very much in advance, George

How can a C# client app list the authorized CA certificates sent by a web server over an SSL connect

Hello, I am currently writting a C# client application that must access a web page over SSL authentication, having the Client authentication required. I know that the SSL protocol defines that the web server sends the list of authorized Certification Authority that the web server can trust for the SLL session to be successful. My client application has to filter a X509Certificate collection in order to popup a Certificate Selection dialog box to the user. I fould like to only display certificates that the web server would accept. I already have filtered the certificates according to the "Client Authentication" Enhanced Key Usage and other stuf. I know how to set the client certificate to be used for SLL conection, but I just would like to access the CA cert list provided by the server.   Could someone help me ? Thanks a lot !

Using Impersonation or Certificates Across Linked Servers

We are trying to isolate the custom reporting stored procedures from our third-party SQL Server database ("SourceData" database) by placing all of those procedures in a separate database ("MyReporting" database) on a separate server. In addition, and most critically, I am trying to prevent all ad-hoc reporting (MS Access, Excel, developers) against the third-party database. To accomplish this, I grant permission to a specific user to execute a stored proc in the reporting database and then the stored proc accesses the data in the third-party database either by impersonation using EXECUTE AS or by certificates (following the model described in this MSDN article: http://msdn.microsoft.com/en-us/library/ms188304(SQL.90).aspx). However, as soon as I try to implement this model across multiple servers using Linked Servers, I am unsuccessful (with one unsatisfactory exception). As far as I can tell, I've tried every combination of option in the Linked Server setup. The unsatisfactory option it to map the reporting user to the "SourceDataID" user in the SourceData database. That works, however, that simply opens up the ability to perform ad-hoc reporting if a user connects to the reporting database since the Linked Server exposes all of the tables that the SourceDataID has access to.Below are diagrams describing how these models are setup:In this Imperso

WCF and certificates : "The client certificate is not provided."

Hi,I'm having a hard time to get certificates working with my WCF application and I keep getting the error: "The client certificate is not provided. Specify a client certificate in ClientCredentials."I am using a free trial certificate by Verisign and I have done the following things on a local XP Pro machine:VeriSign Trial Secure Server CA - G2 certificate is installed in the Personal => CerficatesVeriSign Trial Secure Server Root CA - G2 certificate is installed in the Trusted Root Certification Authorities => CertificatesI am using the following kind of binding configuration settings: *** Client web.config ******<binding name="CertificateBinding" maxReceivedMessageSize="4194304">          <security mode="Message">            <message clientCredentialType="Certificate" />          </security>        </binding><endpoint address="http://localhost/MyWcfApplication/Service1.svc"        binding="wsHttpBinding" bindingConfiguration="CertificateBinding"        contract="ServiceReference1.IService1" name=&qu

.NET Framework 4 installs, but .NET4 Applications won't run and verification fails

I seem to have the same problem as these good people, http://social.msdn.microsoft.com/Forums/en/netfxsetup/thread/58ff584d-e849-49e7-8c17-563296602017 http://social.msdn.microsoft.com/Forums/en/netfxsetup/thread/d8601382-83a4-4039-a71b-3b68dcdc6e26 .NET 4 installs (reporting no overt errors).. but will fail verification with this message. .NET 4 applications fail to run. [07/22/10,17:35:35] Launching process 'Netfx40TestApplication.exe' now [07/22/10,17:35:35] Process successfully launched. Waiting 300 seconds for it to complete. [07/22/10,17:35:35] ****ERROR**** Process 'Netfx40TestApplication.exe' exited with return code -2146232576 [07/22/10,17:35:35] ****ERROR**** Verification failed for product .NET Framework 4 Full I do get this event log error when installing .net 4.0 full version , but not the client. Of course neither one works. ErrorCode 2149842967   ErrorString    CommandLine wusa.exe "G:\e1781735b278c4779d6d\Windows6.1-KB958488-v6001-x64.msu" /quiet /norestart  Steps already taken to troubleshoot this include fully uninstalling .NET 4.0 and reinstalling (both client and full); reinstalling .NET 4.0 over itself with a repair install; installing .NET 4.0 full over a client install; I've also run full disk scans etc., and my system is fully up to date with Windows Updates. Any one know what that error code means? Maybe it can he

Installing .NET Framework 3.5 without checking certificates - Registry Key ?

Hallo, could you tell me, how to install .NET Framework 3.5 without checking certificates? For each check there should be access to the internet. But during installation I don't have access to the internet. We want to install automatically and in a very quick manner! EAMuecke  

Communicating with webservices using client certificates

We are facing an issue with our .NET (2.0) application consuming a Java web service that requires client certificates. Context     Java web service running on JBoss              requires a client certificate signed by internal CA (child of internal Root CA)              has a server certificate signed by the same internal CA for authenticating itself to a consumer       .NET 2.0 Windows Application (running on an XP workstation) consuming the above Java web service               XP workstation has a client certificate (signed by internal CA) is installed in the local machine personal store             XP workstation has the internal CA and internal Root CA installed in the local machine, trusted root certification authorities hive             Visual Studio 2005 debugger shows that the client certificate is successfully retrieved from the personal store and being attached to the web service proxy             however, exception is thrown at the point of invoking the web service method             exception is: The request was aborted: Could not create SSL/TLS secure channel.                  Appears from the trace log that the initial retrieval of client certificate from the local machine personal store is successful - ---------------------------------------------------------- System.Net Information: 0 : [7480] SecureChannel#16263241 - Attempting to restart the session using th
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend