473,698 Members | 2,737 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

security mode="Transport WithMessageCred ential"

Hi

I am creating a web service PreprocessingSe rvice with IIS Hosting and
transport layer security with user name and password.
I created a self-signed certificate IISHost in IIS which is issued to and
issued by the local host.
When I run the service from IIS (https) it is running fine but when I call
it from the client it is throwing the following exception:

An unhandled exception of type
'System.Service Model.Security. SecurityNegotia tionException' occurred in
mscorlib.dll

Additional information: Could not establish trust relationship for the
SSL/TLS secure channel with authority 'localhost'.

I can not figure it out what could be the problem.

Cheers.

Manjree
Jun 27 '08 #1
1 3191

Sorry forgot to add the config file. The Host's web.config is:

<?xml version="1.0"?>
<!--
Note: As an alternative to hand editing this file you can use the
web admin tool to configure settings for your application. Use
the Website->Asp.Net Configuration option in Visual Studio.
A full list of settings and comments can be found in
machine.config. comments usually located in
\Windows\Micros oft.Net\Framewo rk\v2.x\Config
-->
<configuratio n>
<configSections >
<sectionGroup name="system.we b.extensions"
type="System.We b.Configuration .SystemWebExten sionsSectionGro up,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5">
<sectionGroup name="scripting "
type="System.We b.Configuration .ScriptingSecti onGroup, System.Web.Exte nsions,
Version=3.5.0.0 , Culture=neutral , PublicKeyToken= 31BF3856AD364E3 5">
<section name="scriptRes ourceHandler"
type="System.We b.Configuration .ScriptingScrip tResourceHandle rSection,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5" requirePermissi on="false"
allowDefinition ="MachineToAppl ication"/>
<sectionGroup name="webServic es"
type="System.We b.Configuration .ScriptingWebSe rvicesSectionGr oup,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5">
<section name="jsonSeria lization"
type="System.We b.Configuration .ScriptingJsonS erializationSec tion,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5" requirePermissi on="false"
allowDefinition ="Everywhere " />
<section name="profileSe rvice"
type="System.We b.Configuration .ScriptingProfi leServiceSectio n,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5" requirePermissi on="false"
allowDefinition ="MachineToAppl ication" />
<section name="authentic ationService"
type="System.We b.Configuration .ScriptingAuthe nticationServic eSection,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5" requirePermissi on="false"
allowDefinition ="MachineToAppl ication" />
<section name="roleServi ce"
type="System.We b.Configuration .ScriptingRoleS erviceSection,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5" requirePermissi on="false"
allowDefinition ="MachineToAppl ication" />
</sectionGroup>
</sectionGroup>
</sectionGroup>
</configSections>
<appSettings/>
<connectionStri ngs/>

<system.web>
<!--
Set compilation debug="true" to insert debugging
symbols into the compiled page. Because this
affects performance, set this value to true only
during development.
-->
<compilation debug="false">

<assemblies>
<add assembly="Syste m.Core, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= B77A5C561934E08 9"/>
<add assembly="Syste m.Xml.Linq, Version=3.5.0.0 ,
Culture=neutral , PublicKeyToken= B77A5C561934E08 9"/>
<add assembly="Syste m.Web.Extension s, Version=3.5.0.0 ,
Culture=neutral , PublicKeyToken= 31BF3856AD364E3 5"/>
<add assembly="Syste m.Data.DataSetE xtensions, Version=3.5.0.0 ,
Culture=neutral , PublicKeyToken= B77A5C561934E08 9"/>
</assemblies>

</compilation>
<!--
The <authentication section enables configuration
of the security authentication mode used by
ASP.NET to identify an incoming user.
-->
<authenticati on mode="Windows" />
<!--
The <customErrorsse ction enables configuration
of what to do if/when an unhandled error occurs
during the execution of a request. Specifically,
it enables developers to configure html error pages
to be displayed in place of a error stack trace.

<customErrors mode="RemoteOnl y"
defaultRedirect ="GenericErrorP age.htm">
<error statusCode="403 " redirect="NoAcc ess.htm" />
<error statusCode="404 " redirect="FileN otFound.htm" />
</customErrors>
-->
<pages>
<controls>
<add tagPrefix="asp" namespace="Syst em.Web.UI"
assembly="Syste m.Web.Extension s, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5"/>
</controls>
</pages>

<httpHandlers >
<remove verb="*" path="*.asmx"/>
<add verb="*" path="*.asmx" validate="false "
type="System.We b.Script.Servic es.ScriptHandle rFactory, System.Web.Exte nsions,
Version=3.5.0.0 , Culture=neutral , PublicKeyToken= 31BF3856AD364E3 5"/>
<add verb="*" path="*_AppServ ice.axd" validate="false "
type="System.We b.Script.Servic es.ScriptHandle rFactory, System.Web.Exte nsions,
Version=3.5.0.0 , Culture=neutral , PublicKeyToken= 31BF3856AD364E3 5"/>
<add verb="GET,HEAD" path="ScriptRes ource.axd"
type="System.We b.Handlers.Scri ptResourceHandl er, System.Web.Exte nsions,
Version=3.5.0.0 , Culture=neutral , PublicKeyToken= 31BF3856AD364E3 5"
validate="false "/>
</httpHandlers>
<httpModules>
<add name="ScriptMod ule" type="System.We b.Handlers.Scri ptModule,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5"/>
</httpModules>
</system.web>

<system.codedom >
<compilers>
<compiler language="c#;cs ;csharp" extension=".cs" warningLevel="4 "
type="Microsoft .CSharp.CSharpC odeProvider, System,
Version=2.0.0.0 , Culture=neutral , PublicKeyToken= b77a5c561934e08 9">
<providerOpti on name="CompilerV ersion" value="v3.5"/>
<providerOpti on name="WarnAsErr or" value="false"/>
</compiler>
<compiler language="vb;vb s;visualbasic;v bscript" extension=".vb"
warningLevel="4 "
type="Microsoft .VisualBasic.VB CodeProvider, System,
Version=2.0.0.0 , Culture=neutral , PublicKeyToken= b77a5c561934e08 9">
<providerOpti on name="CompilerV ersion" value="v3.5"/>
<providerOpti on name="OptionInf er" value="true"/>
<providerOpti on name="WarnAsErr or" value="false"/>
</compiler>
</compilers>
</system.codedom>

<!--
The system.webServe r section is required for running ASP.NET AJAX
under Internet
Information Services 7.0. It is not necessary for previous version
of IIS.
-->
<system.webServ er>
<validation validateIntegra tedModeConfigur ation="false"/>
<modules>
<add name="ScriptMod ule" preCondition="i ntegratedMode"
type="System.We b.Handlers.Scri ptModule, System.Web.Exte nsions,
Version=3.5.0.0 , Culture=neutral , PublicKeyToken= 31BF3856AD364E3 5"/>
</modules>
<handlers>
<remove name="WebServic eHandlerFactory-Integrated"/>
<add name="ScriptHan dlerFactory" verb="*" path="*.asmx"
preCondition="i ntegratedMode"
type="System.We b.Script.Servic es.ScriptHandle rFactory,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5"/>
<add name="ScriptHan dlerFactoryAppS ervices" verb="*"
path="*_AppServ ice.axd" preCondition="i ntegratedMode"
type="System.We b.Script.Servic es.ScriptHandle rFactory,
System.Web.Exte nsions, Version=3.5.0.0 , Culture=neutral ,
PublicKeyToken= 31BF3856AD364E3 5"/>
<add name="ScriptRes ource" preCondition="i ntegratedMode"
verb="GET,HEAD" path="ScriptRes ource.axd"
type="System.We b.Handlers.Scri ptResourceHandl er, System.Web.Exte nsions,
Version=3.5.0.0 , Culture=neutral , PublicKeyToken= 31BF3856AD364E3 5" />
</handlers>
</system.webServe r>
<system.service Model>
<services>
<service behaviorConfigu ration="mexBeha vior"
name="Preproces singServiceLibr ary.Preprocessi ngService">
<endpoint
address="https://Avacta-n31M-1:443/PreprocessingSe rvice/Service.svc"
binding="wsHttp Binding"
bindingConfigur ation="WsHttpBi nding_IPreproce ss"
name="WsHttpBin ding_IPreproces s"
contract="Prepr ocessingService Library.IPrepro cess" />
</service>
</services>
<behaviors>
<serviceBehavio rs>
<behavior name="mexBehavi or">
<serviceMetadat a httpsGetEnabled ="true" />
<serviceDebug includeExceptio nDetailInFaults ="true" />
</behavior>
</serviceBehavior s>
</behaviors>
<bindings>
<wsHttpBindin g>
<binding name="WsHttpBin ding_IPreproces s" closeTimeout="0 0:10:00"
openTimeout="00 :01:00" receiveTimeout= "00:10:00"
sendTimeout="00 :10:00"
allowCookies="f alse" bypassProxyOnLo cal="false"
hostNameCompari sonMode="Strong Wildcard"
maxBufferPoolSi ze="200000000" maxReceivedMess ageSize="200000 00"
messageEncoding ="Text" textEncoding="u tf-8"
useDefaultWebPr oxy="true">
<readerQuotas maxDepth="20000 000" maxStringConten tLength="200000 00"
maxArrayLength= "20000000" maxBytesPerRead ="20000000"
maxNameTableCha rCount="2000000 0" />
<security mode="Transport WithMessageCred ential">
<message clientCredentia lType="UserName " />
</security>
</binding>
</wsHttpBinding>
</bindings>
</system.serviceM odel>
</configuration>

"Manjree Garg" wrote:
Hi

I am creating a web service PreprocessingSe rvice with IIS Hosting and
transport layer security with user name and password.
I created a self-signed certificate IISHost in IIS which is issued to and
issued by the local host.
When I run the service from IIS (https) it is running fine but when I call
it from the client it is throwing the following exception:

An unhandled exception of type
'System.Service Model.Security. SecurityNegotia tionException' occurred in
mscorlib.dll

Additional information: Could not establish trust relationship for the
SSL/TLS secure channel with authority 'localhost'.

I can not figure it out what could be the problem.

Cheers.

Manjree
Jun 27 '08 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

1
2352
by: Namratha Shah \(Nasha\) | last post by:
Hey Guys, Before we start with our sample app we need to view the security configuration files on the machine. You will find them under <drive>\WInNT\Microsoft.NET\FrameWork\<version>\Config Enterprise Level Security configuration file is :- enterprise.config Machine Level Security configuration file is :- security.config
2
5640
by: robert | last post by:
well, talk about timely. i'm tasked to implement a security feature, and would rather do so in the database than the application code. the application is generally Oracle, but sometimes DB2. Oracle has what it calls package DBMS_RLS, which implements application ignorant row level security. scanning this group yielded "you can't do that; use views". then i dug out DB2Mag qtr 1 2004, and there is MLS for v8/390. from this article,...
116
7512
by: Mike MacSween | last post by:
S**t for brains strikes again! Why did I do that? When I met the clients and at some point they vaguely asked whether eventually would it be possible to have some people who could read the data and some who couldn't but that it wasn't important right now. And I said, 'sure, we can do that later'. So now I've developed an app without any thought to security and am trying to apply it afterwards. Doh!, doh! and triple doh!
4
7983
by: Ashish | last post by:
Hi Guys I am getting the following error while implementing authentication using WS-security. "Microsoft.Web.Services2.Security.SecurityFault: The security token could not be authenticated or authorized ---> System.Exception: WSE565: The password provided the SecurityTokenManager does not match the one on the incoming token. at Microsoft.Web.Services2.Security.Tokens.UsernameTokenManager.VerifyPlainText
0
1521
by: prithvi g via .NET 247 | last post by:
Hi I am a newbie to .NET remoting, I am trying to implementauthorization using SSPI example provided by Michael Barnett. Ihave included the required dll(Microsoft.Samples.Security.SSPI.dll andMicrosoft.Samples.Runtime.Remoting. Security in both my clientand server. I have have defined my config files as follows for client <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.runtime.remoting> <application> <channels>...
1
3369
by: Earl Teigrob | last post by:
Background: When I create a ASP.NET control (User or custom), it often requires security to be set for certain functionality with the control. For example, a news release user control that is comprised of a DataGrid may have separate permissions for adding, deleting and updating a news item. Problem Up until now, I have been implementing security directly inside the control. I will test directly against the security model to see if...
5
2059
by: Norsoft | last post by:
I have a .Net 1.1 application which is downloaded into an aspx page. It is a dll which inherits from System.Windows.Forms.UserControl. It works fine on a PC with only the 1.1 Framework. However, the control will not load on a PC with the 2.0 Framework installed. I know that IE will use the newest framework so I assume it is a security issue. At the assembly level I apply the following attributes;
7
1982
by: Magdelin | last post by:
Hi, My security team thinks allowing communication between the two IIS instances leads to severe security risks. Basically, we want to put our presentation tier on the perimeter network and the business tier inside the fire wall or internal network. The biz tier will be developed and deployed as web services on IIS. I know microsoft recommends this architecture but I am not able to convince my security team. They say IIS is vulnerable...
0
4341
by: Jay C. | last post by:
Jay 3 Jan. 11:38 Optionen anzeigen Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements Von: "Jay" <p.brunm...@nusurf.at> - Nachrichten dieses Autors suchen Datum: 3 Jan 2006 02:38:30 -0800 Lokal: Di 3 Jan. 2006 11:38 Betreff: Referenced security token could not be retrieved Antworten | Antwort an Autor | Weiterleiten | Drucken | Einzelne Nachricht | Original anzeigen | Entfernen | Missbrauch melden
3
2243
by: Velvet | last post by:
I ran FxCop on one of the components for my web site and the security rules what me to add " tags like the ones listed below: This breaks my ASP.NET application. So my question is, what should these
0
8610
by: Hystou | last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can effortlessly switch the default language on Windows 10 without reinstalling. I'll walk you through it. First, let's disable language synchronization. With a Microsoft account, language settings sync across devices. To prevent any complications,...
0
9170
Oralloy
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. Here is my compilation command: g++-12 -std=c++20 -Wnarrowing bit_field.cpp Here is the code in...
0
9031
jinu1996
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that captivates audiences and drives business growth. The Art of Business Website Design Your website is...
0
8873
tracyyun
by: tracyyun | last post by:
Dear forum friends, With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each protocol has its own unique characteristics and advantages, but as a user who is planning to build a smart home system, I am a bit confused by the choice of these technologies. I'm particularly interested in Zigbee because I've heard it does some...
1
6528
isladogs
by: isladogs | last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes instead of User Defined Types (UDT). For example, to manage the data in unbound forms. Adolph will...
0
5862
by: conductexam | last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert into image. Globals.ThisAddIn.Application.ActiveDocument.Select();...
0
4623
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
2
2339
muto222
by: muto222 | last post by:
How can i add a mobile payment intergratation into php mysql website.
3
2007
bsmnconsultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence can significantly impact your brand's success. BSMN Consultancy, a leader in Website Development in Toronto offers valuable insights into creating effective websites that not only look great but also perform exceptionally well. In this comprehensive...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.