Solved

MSXML2 client certificate

Posted on 2004-08-03
7
1,020 Views
Last Modified: 2008-01-09
My asp.net app is using MSXML2 to send a XML document to a server. this server requires a client certificate for authentication.
So the piece of code to set this is:

objServHttp.setOption(MSXML2.SERVERXMLHTTP_OPTION.SXH_OPTION_SELECT_CLIENT_SSL_CERT,"LOCAL_MACHINE\\My\\<my cert name>");

My question is, what account is used to send the request? asp.net, iwam_machineName or what? I'm getting a security error:

System.Runtime.InteropServices.COMException (0x80072F8F): A security error occurred at MSXML2.ServerXMLHTTP40Class.send(Object varBody) at ASP.login_aspx.SendTestXML(Object sender, EventArgs e) in E:\Web_Sites\aespc\qbconn\login.aspx:line 88

any ideas
                  
0
Comment
Question by:vinny45
  • 3
  • 3
7 Comments
 
LVL 17

Expert Comment

by:AerosSaga
ID: 11707195
You should configure the cert in IIS, you don't send that in the request.  Heres what an XML Request via HTTP Post should look like and it shows you how to interprit the response:

Public Function DomesticShippingRate(ByVal OriginStateOrProvince As String, ByVal OriginPostalCode As String, ByVal DestinationStateOrProvinceCode As String, ByVal DestinationPostalCode As String, ByVal WeightInPounds As Single) As Single
        Dim myRequest As System.Net.HttpWebRequest = CType(myRequest.Create("https://gatewaybeta.fedex.com:443/GatewayDC"), System.Net.HttpWebRequest)
        myRequest.AllowAutoRedirect = False
        myRequest.Method = "POST"
        myRequest.ContentType = "application/x-www-form-urlencoded"
        myRequest.Accept = "True"
        myRequest.Timeout = 50000
        Dim xmlHTTPResponse As System.Net.HttpWebResponse
        Dim xmlResponse As New System.Xml.XmlDocument
        Dim strXMLAR As String = "<?xml version=""1.0"" encoding=""UTF-8"" ?>" & _
        "<FDXRateRequest xmlns:api=""http://www.fedex.com/fsmapi""" & _
        " xmlns:xsi=""http://www.w3.org/2001/XMLSchema-instance""" & _
        " xsi:noNamespaceSchemaLocation=""FDXRateRequest.xsd"">" & _
        "<RequestHeader>" & _
        "<AccountNumber>" & _AccountNumber & "</AccountNumber><MeterNumber>" & _MeterNumber & "</MeterNumber>" & _
        "<CarrierCode>FDXG</CarrierCode></RequestHeader>" & _
        "<DropoffType>REGULARPICKUP</DropoffType><Service>FEDEXGROUND</Service>" & _
        "<Packaging>YOURPACKAGING</Packaging><WeightUnits>LBS</WeightUnits>" & _
        "<Weight>" & WeightInPounds & "</Weight><OriginAddress><StateOrProvinceCode>" & _OriginStateOrProvinceCode & "</StateOrProvinceCode>" & _
        "<PostalCode>" & _OriginPostalCode & "</PostalCode><CountryCode>US</CountryCode></OriginAddress>" & _
        "<DestinationAddress><StateOrProvinceCode>" & DestinationStateOrProvinceCode & "</StateOrProvinceCode>" & _
        "<PostalCode>" & DestinationPostalCode & "</PostalCode><CountryCode>US</CountryCode></DestinationAddress>" & _
        "<Payment><PayorType>SENDER</PayorType></Payment><PackageCount>1</PackageCount>" & _
        "</FDXRateRequest>"
        Dim strFinal As String = strXMLAR
        Dim RequestStream As System.IO.Stream = myRequest.GetRequestStream()
        Dim strRequest As Byte() = System.Text.Encoding.UTF8.GetBytes(strFinal)
        RequestStream.Write(strRequest, 0, strRequest.Length)
        RequestStream.Close()
        Try
            Dim myResponse As System.Net.HttpWebResponse = CType(myRequest.GetResponse(), System.Net.HttpWebResponse)
            Dim ResponseStream As System.IO.Stream = myResponse.GetResponseStream
            xmlResponse.Load(ResponseStream)
            If xmlResponse.DocumentElement.InnerXml <> "" Then
                Return xmlResponse.SelectSingleNode("FDXRateReply/EstimatedCharges/DiscountedCharges/NetCharge").InnerXml
            Else
                Throw New FedExExceptions("The FedEx server returned the following error: " & _
                  xmlResponse.SelectSingleNode("FDXRateReply/ReplyHeader").InnerXml)
            End If
        Catch ex As Exception
            Throw ex
        Catch ex As Net.ProtocolViolationException
            Throw New FedExExceptions("A timeout occurred while contacting the FedEx server.")
        Catch ex As Net.WebException
            Throw New FedExExceptions("The FedEx server did not return any data. Please try again later.")
        End Try
    End Function

Regards,

Aeros
0
 

Author Comment

by:vinny45
ID: 11707402
Where is IIS do I configure the client cert.  My server does not require the client cert. the remote server my asp.net app is communicating with does.
0
 
LVL 17

Expert Comment

by:AerosSaga
ID: 11707468
Oh sorry I misunderstood Here you go:

http://support.microsoft.com/default.aspx?scid=kb;en-us;320602

Regards,

Aeros
0
Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 

Author Comment

by:vinny45
ID: 11709222
Aeros,

well the article is interesting but, i'm not trying to sign an xml document, I need to be able to 'show' a client cert when my app sends information to a server requiring a client certificate. I'm using Certificate property of the HttpWebRequest class to do this but i don't think i have the cert properly installed. Because I'm getting an error from the server I'm trying to connect to saying:

No common name contained in certificate distinguished name -
Common name not found in distinguished name:

any ideas?
0
 
LVL 17

Accepted Solution

by:
AerosSaga earned 500 total points
ID: 11709353
Have you performed the following steps?

http://www.wilsonmar.com/1certs.htm
0
 

Author Comment

by:vinny45
ID: 11710776
thanks
0
 

Expert Comment

by:Alan_Mc
ID: 22139617
Bumping this old isse (I just happen to have the same now). That link in the accepted solution with "the following steps" is broken now, any chance of having it again?
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Introduction This article shows how to use the open source plupload control to upload multiple images. The images are resized on the client side before uploading and the upload is done in chunks. Background I had to provide a way for user…
It was really hard time for me to get the understanding of Delegates in C#. I went through many websites and articles but I found them very clumsy. After going through those sites, I noted down the points in a easy way so here I am sharing that unde…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

828 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question