471,348 Members | 1,500 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,348 software developers and data experts.

Help adding service reference

Hi,

I was wondering if it was possible to add a service reference to a web
service which requires an SSL certificate to authenticate? If not, if
I have the SSL certificate installed via mmc snap-in, is there another
way to send an XML payload to the web service with an SSL certificatre
attached to the request?

Appreciate any thoughts on this as I am a bit of a newbie.

Thanks
Jun 27 '08 #1
5 7600
Can I check - the issue here is adding the reference in the first
place, yes? In which case, you might try obtaining the metadata
separately; most tools such as wsdl.exe, wse3wsdl.exe (for regular
SOAP and WSE3 SOAP respectively) and svcutil.exe (for WCF) will accept
a .wsdl or .xsd (or .discomap) at the command line. It might not be as
shiny as the VS window, but it'll work (and give you more options
too).

You can normally obtain the wsdl by doing (for example) ?wsdl on an
asmx. WCF has a different protocol (mex), but if it is disabled it
shows you a help screen instead telling you how to enable it.

Marc
Jun 27 '08 #2
If I misunderstood, and the issue is *using* the SSL web-service at
runtime, then you'll need to write some code. For wse/wse3 you can add
to the ClientCertificates collection; for WCF (which is what I
understand for "service reference"), there
is .ClientCredentials.ClientCertificate; either set .Certificate, or
call .SetCertificate(). I think you can also do this via config, but I
can't remember how exactly off-hand.

Marc
Jun 27 '08 #3
On Jun 10, 8:46 am, Marc Gravell <marc.grav...@gmail.comwrote:
If I misunderstood, and the issue is *using* the SSL web-service at
runtime, then you'll need to write some code. For wse/wse3 you can add
to the ClientCertificates collection; for WCF (which is what I
understand for "service reference"), there
is .ClientCredentials.ClientCertificate; either set .Certificate, or
call .SetCertificate(). I think you can also do this via config, but I
can't remember how exactly off-hand.

Marc
Hi Marc,

Thanks for your replies. The web service I am trying to connect to
needs an ssl certificate otherwise I cannot connect to it. I have
tried using the code below but I keep getting "Unable to connect to
the remote server". I have also made sure that it ignores all
certifcate error but that also doesn't work.

webRequest.ClientCertificates.Add(GetCertificate() );

private X509Certificate GetCertificate()
{
///Set store to LocalMachine as this is where the
certificates must be installed
X509Store store = new X509Store(StoreName.My,
StoreLocation.LocalMachine);
store.Open(OpenFlags.ReadOnly);
///Find certificate based on it's name
X509Certificate2Collection certificates =
store.Certificates.Find(X509FindType.FindBySubject Name, this.sslName,
true);
return certificates[0];

}

The following code which is in the constructor of the class ignores
the ssl cert errors.

ServicePointManager.ServerCertificateValidationCal lback =
TrustAllCertificateCallback;

public static bool TrustAllCertificateCallback(object sender,
X509Certificate cert, X509Chain chain, SslPolicyErrors
errors)
{
return true;
}
Jun 27 '08 #4
Maybe I'm being daft; you mentioned SSL to authenticate, so I was
thinking client certificates; but if you actually mean an ssl (https)
certificate, then just ensure that you connect over https. WCF uses
this approach, and won't accept username/password pairs
(TransportWithMessageCredential) unless the transport provides
encryption.

However, most service code is very picky, and wants that certificate
to be properly trusted. Is this the issue? You don't trust the
certificate the server is issuing? In which case MMC would be your
first port of call (or get a better certificate at the server). In
fact, WCF even demands that the servers agree on the time (UTC)...

Marc
Jun 27 '08 #5
On Jun 10, 10:00 am, Marc Gravell <marc.grav...@gmail.comwrote:
Maybe I'm being daft; you mentioned SSL to authenticate, so I was
thinking client certificates; but if you actually mean an ssl (https)
certificate, then just ensure that you connect over https. WCF uses
this approach, and won't accept username/password pairs
(TransportWithMessageCredential) unless the transport provides
encryption.

However, most service code is very picky, and wants that certificate
to be properly trusted. Is this the issue? You don't trust the
certificate the server is issuing? In which case MMC would be your
first port of call (or get a better certificate at the server). In
fact, WCF even demands that the servers agree on the time (UTC)...

Marc
Hi,

The client SSL certificate is installed correctly and is trusted. The
web service requires that I attach the client SSL certificate with the
https request, if I don't it will not allow me to connect to their
service. I have used the code above which picks the correct
certificate from the certificate store and attaches it, however when I
send the request I get an "Unable to connect to server" message, which
is basically telling me that the certificate wasn't attached. I was
able to do something similar in VB6 using WinHTTP which worked a
treat, but I can't get it to work in C#.

Appreciate any suggestions.
Jun 27 '08 #6

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

2 posts views Thread by John | last post: by
1 post views Thread by Jeff Dillon | last post: by
1 post views Thread by rgarf | last post: by
4 posts views Thread by =?Utf-8?B?Z3Jhenph?= | last post: by
reply views Thread by Ronak mishra | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.