473,320 Members | 1,846 Online
Bytes | Software Development & Data Engineering Community
Post Job

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 473,320 software developers and data experts.

certificate based web call fails under iis (urgent!)

hallo -
I am making a web request (actually a web service call) from within my
web service.

this works fine under the developement web server - but fails under
IIS with:
>System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.
anyone have any suggestions?

I have tried various impersonation / permissions scenarios with no
success.

This is urgent as I'm currently looking like a tit that doesn't know
what he's doing!

thanks,
Oli.

the code is trivial:

_x509Certificate = new X509Certificate(fullFilePath, password);
..
..
requester.ClientCertificates.Add(_x509Certificate) ;

May 11 '07 #1
5 3729
On May 11, 9:29 am, olihar...@googlemail.com wrote:
hallo -
I am making a web request (actually a web service call) from within my
web service.

this works fine under the developement web server - but fails under
IIS with:
System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.

anyone have any suggestions?

I have tried various impersonation / permissions scenarios with no
success.

This is urgent as I'm currently looking like a tit that doesn't know
what he's doing!

thanks,
Oli.

the code is trivial:

_x509Certificate = new X509Certificate(fullFilePath, password);
.
.
requester.ClientCertificates.Add(_x509Certificate) ;
Did you google it? Lots of stuff got returned

http://www.google.com/search?sourcei...secure+channel
May 11 '07 #2
hi Larry - yeah been googling most of the afternoon - been stuck on
this ~ 4 hours now :(

O.
May 11 '07 #3
I have not installed the certificate in any "certificate store" - it
get's loaded directly off the file system as per:

_x509Certificate = new X509Certificate(fullFilePath, password);

is there some "microsoft way" that I (begrudgingly) have to follow
here? - to my knowledge the cert *must* be loaded from the file system
- but what a lot of other people seem to do is store it, then export
it....

running XP pro.

desperate....

O.

May 11 '07 #4
I think this may be failing under IIS because the certificate is not
valid.

*I already know the certificate is not valid and still want to use
it ! *

I think it's not valid because it is not signed by a CA such as
Verisign.

if I work directly with the Certificate Store like this:

X509Store store = new X509Store(StoreName.Root,
StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection col =
store.Certificates.Find(X509FindType.FindByIssuerN ame, "SAVVIS",true);

I can use that last parameter in "Find" to return only valid Certs -
hence indicating that the cert is not valid (there's surely a better
way).

I think it's perfectly reasonable to use an invalid cert in this way -
anyone got any comments on that - or suggestions on where to go from
here?

ta,
O.
May 11 '07 #5
**** FIXED **** !!!! :) :) :)
.....sort of :(

in order to get this to work (summary: Certificate based security
calling web service from within a web service - only broken under IIS
- works find under dev. server):

- install cert in local machine certificate store
- give ASPNET account permissions on that cert:
winhttpcertcfg.exe -g -c LOCAL_MACHINE\Root -s "SAVVIS" -a
"ASPNET"

....this gives me a deployment and managability headache grrrr. under
the .net 2.0 dev server I don't need any of this, and can read the
cert directly from disk. If anyone has any ideas how to do that under
IIS *please contact me* !!

O.

May 11 '07 #6

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics

2
by: IWP506 | last post by:
I just CANNOT figure out what is wrong with this! ------ $op1f = fopen("./test.txt","r"); $op1 = fread($op1f, filesize($op1f)); ------
14
by: David Blickstein | last post by:
I have some XML documents that I want to open in a web browser and be automatically translated to HTML via XSLT. I'm using an xml-stylesheet processing command in a file called "girml.xml". ...
1
by: Dennis.Hoffman | last post by:
I have been using XML-RPC to get information from one of our remote servers. To improve security, the server now has a certificate installed, and when I try to access it, I get an 'Unauthorized'...
4
by: Alien2_51 | last post by:
I have a commerce server application that's accessible from our internal users via integrated security and accessible to external users via certificate and ssl. I have a problem that's only...
1
by: Charles | last post by:
Ok, I have an Access 97 GUI with SQL 7.0 backend. On one database I'm constantly getting a call fail. I'm not sure why. From the user accounts it seems to happen mostly when they have the form...
1
by: maflatoun | last post by:
Hi, We have a form based authentication implemented on our site that has been working great for over 2 years for oursite.com, oursite.ca and oursite.co.uk. However, today I found out that...
2
by: =?Utf-8?B?Sm9hY2hpbQ==?= | last post by:
I have the below C# definitions and function call to an unsafe C++/CLI function in an external dll. When debugging the calls step by step everything seems to work, but if I just run everything...
2
by: rdilipk | last post by:
I am posting at the end of this post some code that P/Invoke's SetSystemTime to set the local system time. This call fails -- i.e the time is not set and the API returns false. However calling...
2
by: knellim | last post by:
I can connect to DB2 on the command line on the server. db2=>connect to mytest user knellim using xxxx Database Connection Information Database server = Apache Derby CSS10050 ...
0
by: DolphinDB | last post by:
The formulas of 101 quantitative trading alphas used by WorldQuant were presented in the paper 101 Formulaic Alphas. However, some formulas are complex, leading to challenges in calculation. Take...
0
by: DolphinDB | last post by:
Tired of spending countless mintues downsampling your data? Look no further! In this article, you’ll learn how to efficiently downsample 6.48 billion high-frequency records to 61 million...
0
by: Vimpel783 | last post by:
Hello! Guys, I found this code on the Internet, but I need to modify it a little. It works well, the problem is this: Data is sent from only one cell, in this case B5, but it is necessary that data...
0
by: jfyes | last post by:
As a hardware engineer, after seeing that CEIWEI recently released a new tool for Modbus RTU Over TCP/UDP filtering and monitoring, I actively went to its official website to take a look. It turned...
0
by: ArrayDB | last post by:
The error message I've encountered is; ERROR:root:Error generating model response: exception: access violation writing 0x0000000000005140, which seems to be indicative of an access violation...
1
by: PapaRatzi | last post by:
Hello, I am teaching myself MS Access forms design and Visual Basic. I've created a table to capture a list of Top 30 singles and forms to capture new entries. The final step is a form (unbound)...
0
by: Defcon1945 | last post by:
I'm trying to learn Python using Pycharm but import shutil doesn't work
0
by: af34tf | last post by:
Hi Guys, I have a domain whose name is BytesLimited.com, and I want to sell it. Does anyone know about platforms that allow me to list my domain in auction for free. Thank you
0
by: Faith0G | last post by:
I am starting a new it consulting business and it's been a while since I setup a new website. Is wordpress still the best web based software for hosting a 5 page website? The webpages will be...

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.