Solved

.NET WebService client with certificates

Posted on 2012-03-29
14
2,590 Views
Last Modified: 2012-04-04
Hello all.

I am trying to write a simple web service client using Visual Studio 2010.
The WSDL for the service is here:
http://webservices.telus.com/parlayx_wappush_send_service_1_0.wsdl

I was able to call the service using SoapUI using the given certificate file (ext. .crt) and password.

I created a simple console application and added the Web Reference to the service and got a proxy object to call the service.

I spent many hours trying to write a simple function to call the service from my .NET console application but it fails with error:
' Impossible to create a secure SSL/TSL canal'

    static void Main(string[] args)
    {
      SendWapPushService swps = new SendWapPushService();
      sendWapPush swp = new sendWapPush();
      X509Certificate cert = X509Certificate.CreateFromCertFile("MyCertFile.crt");
      swps.ClientCertificates.Add(cert);
      NetworkCredential nwCredential = new NetworkCredential("<user>", "<pwd>");
      swps.Credentials = nwCredential;

      swp.address = ... (same params as with SoapUI test)
      ...
      try
      {
        swps.sendWapPush(swp);
      }
      catch (Exception ex)
      {
         ...
      }

I just can't find how to setup the call (credentials / certificate) ... in my .Net example.

Ant help would be greatly appreciated.

Best regards

Noel
No matter what i try, it alway return that same exception ...
0
Comment
Question by:Buz007
  • 7
  • 5
  • 2
14 Comments
 
LVL 9

Expert Comment

by:lojk
ID: 37786271
The service, when accessed from a browser over https reports that the certifcate is not valid or self-signed (i.e. not trusted by your browser and/or machine certificate store).

here is the error from the Add Service Reference box in VS2010 on my machine...

There was an error downloading 'https://webservices.telus.com/parlayx_wappush_send_service_1_0.wsdl'.
The request was aborted: Could not create SSL/TLS secure channel.
Metadata contains a reference that cannot be resolved: 'https://webservices.telus.com/parlayx_wappush_send_service_1_0.wsdl'.
Could not establish secure channel for SSL/TLS with authority 'webservices.telus.com'.
The request was aborted: Could not create SSL/TLS secure channel.
If the service is defined in the current solution, try building the solution and adding the service reference again.

So until you get the site certificate signed by a CA (i.e. create the cert on the machine issuing the ssl channel and generate a CSR and install the signed reply on the IIS box) i dont think it will work.

As far as i am aware you cant just copy the cert from another machine unless there is a valid certificate trust chain for that certificate on that box - I dont think primarily it is an authentication issue but what are you running this on? IIS6/7?
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786490
Not sure if you've already seen this one but here is a fairly thorough walkthrough that may help (that is more specific to your question than my answer is)..

http://www.codeproject.com/Articles/18601/An-easy-way-to-use-certificates-for-WCF-security
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37786641
hmm, where do you see 'service' class??? I get only 'client' :)
0
Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

 
LVL 9

Expert Comment

by:lojk
ID: 37786863
When adding the service to my (test) console app here is what i get...

(see attached)
Capture9.PNG
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786869
works fine when i add it without SSL

(see attached)
Capture10.PNG
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37786894
exactly, so my question still stands :) -

where does "SendWapPushService swps = new SendWapPushService();" in OP come from?
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786933
huh? I dont understand what you mean?

The name SendWapPushService is effectively the name/location of the class where your WCF service is declared - when adding the service reference, other than the namespace you provide the rest is dervied from the info in the wsdl and/or the url...
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37786959
unless I'm missing something obvious, the only thing one [usually] provides when adding a reference is the reference name (ie namespace) which is then added as '<your main manespace>.<your ref name>', and then the classes names inside the proxy are taken from wsdl file.
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786998
Yep - what i am saying is that your declaring WCF class/service name (must) contains the word 'Service' and that is also hosted in a similiarly named Virtual Directory/Application but i dont understand what you are actually asking me in ID: 37786641or ID: 37786894

Can you clarify what your actual question is please - did my original comment not help?
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37787081
I'm not the one who asked the question :), I've been trying to help.

so what I meant in my posts is very simple:

the author of the OP asked "I am trying to write a simple web service client using Visual Studio 2010.", so once you added the service reference (yes, it shows you service name - SendWapPushService with one interface, but it obviously can have  many) you then add something like

using mytest.ServiceReference1;

Open in new window

...

to your console app. Then you want to create an instance of the client, don't you? In order do do it and to see all offered classes, you could write something like

mytest.ServiceReference1. <---- 'dot' here, to see everything

Open in new window


so once you did it with provided wsdl, the only potential 'main' client class I see is SendWapPush1Client.

Hence my question - NOT the one that author asked... :) That's it. Am I missing something here?
0
 

Accepted Solution

by:
Buz007 earned 0 total points
ID: 37787526
Update ...

I found the problem / solution !

The part i was missing is that the certificates had to be installed on the client computer, as explained here :

http://msdn.microsoft.com/en-us/library/ff649205.aspx

In this section:
Step 5. Install the Certificate Authority's Certificate on the Client Computer

(i found later on that simply right clicking on the certificate and selecting 'Install' open the mmc to allow the certificate installation)

The SendWapPushService is effectively the proxy object that is created when the reference is added to the project, which is used to call the service:

In case it could help someone else, here is the code for the test app. (which works after the certificates are added to the client computer)

   static void Main(string[] args)
    {
      SendWapPushService swps = new SendWapPushService();
      sendWapPush swp = new sendWapPush();
      sendWapPushResponse resp;

      X509Certificate2 cert = new X509Certificate2("<CertFname>", "<pwd>");
     
      swps.ClientCertificates.Add(cert);

      swp.addresses = new string [] {"..."};
      swp.type = WapPushType.ServiceIndication;
      swp.alertText = "Alert text";
      try
      {
        resp = swps.sendWapPush(swp);
      }
      catch (Exception ex)
      {
       
      }
    }
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37787543
weird, but it doesn't appear for me :)
tried with vs2010, vs2008 - I see only xxxClient class, but anyway, glad to hear you found the solution.
0
 
LVL 9

Expert Comment

by:lojk
ID: 37788340
was gonna object to the close as ID: 37786271 does come pretty close to your solution but cant be bothered

apologies to alexy_gusev - got a bit confused there...
0
 

Author Closing Comment

by:Buz007
ID: 37805131
Because it works and solves my problem.
0

Featured Post

How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A basic question.. “What is the Garbage Collector?” The usual answer given back: “Garbage collector is a background thread run by the CLR for freeing up the memory space used by the objects which are no longer used by the program.” I wondered …
Here I am going to explain creating proxies at runtime for WCF Service. So basically we use to generate proxies using Add Service Reference and then giving the Url of the WCF service then generate proxy files at client side. Ok, what if something ge…
Two types of users will appreciate AOMEI Backupper Pro: 1 - Those with PCIe drives (and haven't found cloning software that works on them). 2 - Those who want a fast clone of their boot drive (no re-boots needed) and it can clone your drive wh…

821 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question