hello,
i am developing an ASP.NET web app that consumes a 3rd party vendor
webservice. it is my first one so while ive done my homework, im not an
expert on the matter.
our partner's webservice operates on SSL via an "https://" url. they
also gave me a .PFX certificate which ive installed via window's MMC
utility, into the "Computer account"'s Personal store; as indicated by
articles id found. i then export a .CER to the filesystem which my
C#.NET picks up. lastly, we attach our username/pw credentials. the
relevant code:
//costco webservice proxy object
PartnersProxyClass ws = new PartnersProxyClass();
//load certificate for costco intranet account
X509Certificate cert =
X509Certificate.CreateFromCertFile("c:\temp\foo.ce r");
//add cert to ws
ws.ClientCertificates.Add(cert);
//add authentication info to ws
ws.Credentials = new NetworkCredential("foo_user", "foo_pw");
//hit ws and get a returned obj
WsMember member = ws.read(customerID);
....this works on my Windows XP dev machine, as well as on our Windows
2000 test machines. however, when we publish it to our Windows 2000
production webfarm, operating on BigIP, it does work. .NET reports this
on the .read() attempt:
"The underlying connection was closed: An unexpected error occurred on
a send."
....and, looking into our event log, i see this:
"The SSL client credential's certificate does not have a private key
information property attached to it. This most often occurs when a
certificate is backed up incorrectly and then later restored. This
message can also indicate a certificate enrollment failure."
i dont have access to the machine (big company) to try hitting the URL
via IE. however, i *did* write & install a command-line (DOS) .NET
program that does a simple test and hits the webservice serveral times
using the same code. *it works!* but our ASP.NET does not. this seems
key.
....i am trying to figure out what it all means and how to fix it. ive
read a dozen posts or so, and am exploring those options. but if anyone
can relate to our situation, i would appreciate it.
thanks!
matt
--
Matt Del Vecchio
Programmer Analyst
(619) 358-7556
4  20470 
Most probably, the ASPNET process identity does not have permissions to read
the certificate.
can you try the steps given at this url? http://blogs.msdn.com/adarshk/archiv...19/187667.aspx
--
feroze
-----------------
This posting is provided as-is. It offers no warranties and assigns no
rights.
See http://weblogs.asp.net/feroze_daud for System.Net related posts.
----------------
<Ma****************@CapitalOneAuto.com> wrote in message
news:11**********************@z14g2000cwz.googlegr oups.com... hello,
i am developing an ASP.NET web app that consumes a 3rd party vendor
webservice. it is my first one so while ive done my homework, im not an
expert on the matter.
our partner's webservice operates on SSL via an "https://" url. they
also gave me a .PFX certificate which ive installed via window's MMC
utility, into the "Computer account"'s Personal store; as indicated by
articles id found. i then export a .CER to the filesystem which my
C#.NET picks up. lastly, we attach our username/pw credentials. the
relevant code:
//costco webservice proxy object
PartnersProxyClass ws = new PartnersProxyClass();
//load certificate for costco intranet account
X509Certificate cert =
X509Certificate.CreateFromCertFile("c:\temp\foo.ce r");
//add cert to ws
ws.ClientCertificates.Add(cert);
//add authentication info to ws
ws.Credentials = new NetworkCredential("foo_user", "foo_pw");
//hit ws and get a returned obj
WsMember member = ws.read(customerID);
...this works on my Windows XP dev machine, as well as on our Windows
2000 test machines. however, when we publish it to our Windows 2000
production webfarm, operating on BigIP, it does work. .NET reports this
on the .read() attempt:
"The underlying connection was closed: An unexpected error occurred on
a send."
...and, looking into our event log, i see this:
"The SSL client credential's certificate does not have a private key
information property attached to it. This most often occurs when a
certificate is backed up incorrectly and then later restored. This
message can also indicate a certificate enrollment failure."
i dont have access to the machine (big company) to try hitting the URL
via IE. however, i *did* write & install a command-line (DOS) .NET
program that does a simple test and hits the webservice serveral times
using the same code. *it works!* but our ASP.NET does not. this seems
key.
...i am trying to figure out what it all means and how to fix it. ive
read a dozen posts or so, and am exploring those options. but if anyone
can relate to our situation, i would appreciate it.
thanks!
matt
--
Matt Del Vecchio
Programmer Analyst
(619) 358-7556
Most probably, the ASPNET process identity does not have permissions to read
the certificate.
can you try the steps given at this url? http://blogs.msdn.com/adarshk/archiv...19/187667.aspx
--
feroze
-----------------
This posting is provided as-is. It offers no warranties and assigns no
rights.
See http://weblogs.asp.net/feroze_daud for System.Net related posts.
----------------
<Ma****************@CapitalOneAuto.com> wrote in message
news:11**********************@z14g2000cwz.googlegr oups.com... hello,
i am developing an ASP.NET web app that consumes a 3rd party vendor
webservice. it is my first one so while ive done my homework, im not an
expert on the matter.
our partner's webservice operates on SSL via an "https://" url. they
also gave me a .PFX certificate which ive installed via window's MMC
utility, into the "Computer account"'s Personal store; as indicated by
articles id found. i then export a .CER to the filesystem which my
C#.NET picks up. lastly, we attach our username/pw credentials. the
relevant code:
//costco webservice proxy object
PartnersProxyClass ws = new PartnersProxyClass();
//load certificate for costco intranet account
X509Certificate cert =
X509Certificate.CreateFromCertFile("c:\temp\foo.ce r");
//add cert to ws
ws.ClientCertificates.Add(cert);
//add authentication info to ws
ws.Credentials = new NetworkCredential("foo_user", "foo_pw");
//hit ws and get a returned obj
WsMember member = ws.read(customerID);
...this works on my Windows XP dev machine, as well as on our Windows
2000 test machines. however, when we publish it to our Windows 2000
production webfarm, operating on BigIP, it does work. .NET reports this
on the .read() attempt:
"The underlying connection was closed: An unexpected error occurred on
a send."
...and, looking into our event log, i see this:
"The SSL client credential's certificate does not have a private key
information property attached to it. This most often occurs when a
certificate is backed up incorrectly and then later restored. This
message can also indicate a certificate enrollment failure."
i dont have access to the machine (big company) to try hitting the URL
via IE. however, i *did* write & install a command-line (DOS) .NET
program that does a simple test and hits the webservice serveral times
using the same code. *it works!* but our ASP.NET does not. this seems
key.
...i am trying to figure out what it all means and how to fix it. ive
read a dozen posts or so, and am exploring those options. but if anyone
can relate to our situation, i would appreciate it.
thanks!
matt
--
Matt Del Vecchio
Programmer Analyst
(619) 358-7556
i thought that may have been it as well, but it wasnt. i used
winhttpcertconfig to check the permissions. when that is the case, it
gives a different error. namely, "403: Access is forbidden" -- not the
one i was experiencing.
my next step was to disable the keep-alives in our proxy class as
recommended, and set httpprotocol to 1.0. that then produced this
error:
"The underlying connection was closed: Could not establish secure
channel for SSL/TLS."
....interesting. so then i inspected the .PFX w/ embedded private key
given to us by our partner.. in MMC when double-clicking, i saw this:
[yellow exclaimation triangle ("!")] "Windows does not have enough
information to verify this certificate."
then at the bottom, "You have a private key that corresponds to this
certificate."
oh oh. this last message was the key -- our certificate should NOT have
had any errors or alerts whatsoever. working w/ MS, they identified
part of the problem: we didnt have a Certificate Authority ("CA") cert
installed for our partner-provided cert. they forgot to give us one
that had both the normal cert & the CA needed to verify it!
once i received the CA cert from our partner, that took care of the
problem ("The underlying connection was closed: Could not establish
secure channel for SSL/TLS").
what i cannot say, is whether that would have taken care of the
original error ("The underlying connection was closed: An unexpected
error occurred on a send"). i suspect it would not have... i cant test
because the server is off-limits to me now, but im thinking disabling
keep-alives took care of that first error, thus paving way for our
second error, the lacking CA.
fun.
matt
i thought that may have been it as well, but it wasnt. i used
winhttpcertconfig to check the permissions. when that is the case, it
gives a different error. namely, "403: Access is forbidden" -- not the
one i was experiencing.
my next step was to disable the keep-alives in our proxy class as
recommended, and set httpprotocol to 1.0. that then produced this
error:
"The underlying connection was closed: Could not establish secure
channel for SSL/TLS."
....interesting. so then i inspected the .PFX w/ embedded private key
given to us by our partner.. in MMC when double-clicking, i saw this:
[yellow exclaimation triangle ("!")] "Windows does not have enough
information to verify this certificate."
then at the bottom, "You have a private key that corresponds to this
certificate."
oh oh. this last message was the key -- our certificate should NOT have
had any errors or alerts whatsoever. working w/ MS, they identified
part of the problem: we didnt have a Certificate Authority ("CA") cert
installed for our partner-provided cert. they forgot to give us one
that had both the normal cert & the CA needed to verify it!
once i received the CA cert from our partner, that took care of the
problem ("The underlying connection was closed: Could not establish
secure channel for SSL/TLS").
what i cannot say, is whether that would have taken care of the
original error ("The underlying connection was closed: An unexpected
error occurred on a send"). i suspect it would not have... i cant test
because the server is off-limits to me now, but im thinking disabling
keep-alives took care of that first error, thus paving way for our
second error, the lacking CA.
fun.
matt
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics | |
by: Fredrik L |
last post by:
Hi,
We have an application outside the firewall who talks to a webservice inside
the firewall. 9 times of 10 this works, but sometimes we got the error "The
underlying connection was closed: An...
|
by: Vijayakrishna Pondala |
last post by:
Hi,
We are using the following error randomly, when accessing a webservice
method/servlet hosted on JBoss application server:
The underlying connection was closed: An unexpected error occurred...
|
by: David Mediavilla |
last post by:
I am writing a client for an HTTPS web service using WSE 1.0 but I
always get an error like "The underlying connection was closed: An
unexpected error occurred on a send."
Sometimes the error...
|
by: Mahesh Devjibhai Dhola |
last post by:
Hi,
I am getting the following exception when using webservice..
"The underlying connection was closed: An unexpected error occurred on a receive"
I am not getting any innerexception so no clue...
|
by: Andrew Hunot |
last post by:
I have VB code in VS2003 which creates a HttpWebRequest and performs a POST
operation to a remote URL (an https site), which runs fine and receives a
valid response.
However exactly the same...
| | |
by: Apu Nahasapeemapetilon |
last post by:
Why do I get the following two error messages, intermittently, when I issue a
"SendRequestResponse(methodName, requestEnvelope);" command on a class
derived from...
|
by: Scott McFadden |
last post by:
When I invoke two web service methods sequentially with no delay, the first
web method invocation goes smooth while the 2nd one generates the dredded:
System.Net.WebException: The underlying...
|
by: Mrozik |
last post by:
Hi!
I have a problem - after deploying application in client
environment, on some client machines occured error.
Environment:
App server: ASP.NET WebService/Win 2003/ secured SSL (.NET 2.0)...
|
by: imonline |
last post by:
Hi,
I have created a asp.net page which posts XML on the web service
using .net 2.0. The page and the webservice was working fine but once
I converted them to .net 3.5 I have been getting...
|
by: Hystou |
last post by:
Most computers default to English, but sometimes we require a different language, especially when relocating. Forgot to request a specific language before your computer shipped? No problem! You can...
|
by: jinu1996 |
last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
| | |
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
|
by: isladogs |
last post by:
The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM).
In this session, we are pleased to welcome a new...
|
by: conductexam |
last post by:
I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and...
|
by: adsilva |
last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
|
by: 6302768590 |
last post by:
Hai team
i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
|
by: muto222 |
last post by:
How can i add a mobile payment intergratation into php mysql website.
| | |
by: bsmnconsultancy |
last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
| | |
