Solved

.NET WebService client with certificates

Posted on 2012-03-29
14
2,553 Views
Last Modified: 2012-04-04
Hello all.

I am trying to write a simple web service client using Visual Studio 2010.
The WSDL for the service is here:
http://webservices.telus.com/parlayx_wappush_send_service_1_0.wsdl

I was able to call the service using SoapUI using the given certificate file (ext. .crt) and password.

I created a simple console application and added the Web Reference to the service and got a proxy object to call the service.

I spent many hours trying to write a simple function to call the service from my .NET console application but it fails with error:
' Impossible to create a secure SSL/TSL canal'

    static void Main(string[] args)
    {
      SendWapPushService swps = new SendWapPushService();
      sendWapPush swp = new sendWapPush();
      X509Certificate cert = X509Certificate.CreateFromCertFile("MyCertFile.crt");
      swps.ClientCertificates.Add(cert);
      NetworkCredential nwCredential = new NetworkCredential("<user>", "<pwd>");
      swps.Credentials = nwCredential;

      swp.address = ... (same params as with SoapUI test)
      ...
      try
      {
        swps.sendWapPush(swp);
      }
      catch (Exception ex)
      {
         ...
      }

I just can't find how to setup the call (credentials / certificate) ... in my .Net example.

Ant help would be greatly appreciated.

Best regards

Noel
No matter what i try, it alway return that same exception ...
0
Comment
Question by:Buz007
  • 7
  • 5
  • 2
14 Comments
 
LVL 9

Expert Comment

by:lojk
ID: 37786271
The service, when accessed from a browser over https reports that the certifcate is not valid or self-signed (i.e. not trusted by your browser and/or machine certificate store).

here is the error from the Add Service Reference box in VS2010 on my machine...

There was an error downloading 'https://webservices.telus.com/parlayx_wappush_send_service_1_0.wsdl'.
The request was aborted: Could not create SSL/TLS secure channel.
Metadata contains a reference that cannot be resolved: 'https://webservices.telus.com/parlayx_wappush_send_service_1_0.wsdl'.
Could not establish secure channel for SSL/TLS with authority 'webservices.telus.com'.
The request was aborted: Could not create SSL/TLS secure channel.
If the service is defined in the current solution, try building the solution and adding the service reference again.

So until you get the site certificate signed by a CA (i.e. create the cert on the machine issuing the ssl channel and generate a CSR and install the signed reply on the IIS box) i dont think it will work.

As far as i am aware you cant just copy the cert from another machine unless there is a valid certificate trust chain for that certificate on that box - I dont think primarily it is an authentication issue but what are you running this on? IIS6/7?
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786490
Not sure if you've already seen this one but here is a fairly thorough walkthrough that may help (that is more specific to your question than my answer is)..

http://www.codeproject.com/Articles/18601/An-easy-way-to-use-certificates-for-WCF-security
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37786641
hmm, where do you see 'service' class??? I get only 'client' :)
0
Master Your Team's Linux and Cloud Stack!

The average business loses $13.5M per year to ineffective training (per 1,000 employees). Keep ahead of the competition and combine in-person quality with online cost and flexibility by training with Linux Academy.

 
LVL 9

Expert Comment

by:lojk
ID: 37786863
When adding the service to my (test) console app here is what i get...

(see attached)
Capture9.PNG
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786869
works fine when i add it without SSL

(see attached)
Capture10.PNG
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37786894
exactly, so my question still stands :) -

where does "SendWapPushService swps = new SendWapPushService();" in OP come from?
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786933
huh? I dont understand what you mean?

The name SendWapPushService is effectively the name/location of the class where your WCF service is declared - when adding the service reference, other than the namespace you provide the rest is dervied from the info in the wsdl and/or the url...
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37786959
unless I'm missing something obvious, the only thing one [usually] provides when adding a reference is the reference name (ie namespace) which is then added as '<your main manespace>.<your ref name>', and then the classes names inside the proxy are taken from wsdl file.
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786998
Yep - what i am saying is that your declaring WCF class/service name (must) contains the word 'Service' and that is also hosted in a similiarly named Virtual Directory/Application but i dont understand what you are actually asking me in ID: 37786641or ID: 37786894

Can you clarify what your actual question is please - did my original comment not help?
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37787081
I'm not the one who asked the question :), I've been trying to help.

so what I meant in my posts is very simple:

the author of the OP asked "I am trying to write a simple web service client using Visual Studio 2010.", so once you added the service reference (yes, it shows you service name - SendWapPushService with one interface, but it obviously can have  many) you then add something like

using mytest.ServiceReference1;

Open in new window

...

to your console app. Then you want to create an instance of the client, don't you? In order do do it and to see all offered classes, you could write something like

mytest.ServiceReference1. <---- 'dot' here, to see everything

Open in new window


so once you did it with provided wsdl, the only potential 'main' client class I see is SendWapPush1Client.

Hence my question - NOT the one that author asked... :) That's it. Am I missing something here?
0
 

Accepted Solution

by:
Buz007 earned 0 total points
ID: 37787526
Update ...

I found the problem / solution !

The part i was missing is that the certificates had to be installed on the client computer, as explained here :

http://msdn.microsoft.com/en-us/library/ff649205.aspx

In this section:
Step 5. Install the Certificate Authority's Certificate on the Client Computer

(i found later on that simply right clicking on the certificate and selecting 'Install' open the mmc to allow the certificate installation)

The SendWapPushService is effectively the proxy object that is created when the reference is added to the project, which is used to call the service:

In case it could help someone else, here is the code for the test app. (which works after the certificates are added to the client computer)

   static void Main(string[] args)
    {
      SendWapPushService swps = new SendWapPushService();
      sendWapPush swp = new sendWapPush();
      sendWapPushResponse resp;

      X509Certificate2 cert = new X509Certificate2("<CertFname>", "<pwd>");
     
      swps.ClientCertificates.Add(cert);

      swp.addresses = new string [] {"..."};
      swp.type = WapPushType.ServiceIndication;
      swp.alertText = "Alert text";
      try
      {
        resp = swps.sendWapPush(swp);
      }
      catch (Exception ex)
      {
       
      }
    }
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37787543
weird, but it doesn't appear for me :)
tried with vs2010, vs2008 - I see only xxxClient class, but anyway, glad to hear you found the solution.
0
 
LVL 9

Expert Comment

by:lojk
ID: 37788340
was gonna object to the close as ID: 37786271 does come pretty close to your solution but cant be bothered

apologies to alexy_gusev - got a bit confused there...
0
 

Author Closing Comment

by:Buz007
ID: 37805131
Because it works and solves my problem.
0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A basic question.. “What is the Garbage Collector?” The usual answer given back: “Garbage collector is a background thread run by the CLR for freeing up the memory space used by the objects which are no longer used by the program.” I wondered …
For those of you who don't follow the news, or just happen to live under rocks, Microsoft Research released a beta SDK (http://www.microsoft.com/en-us/download/details.aspx?id=27876) for the Xbox 360 Kinect. If you don't know what a Kinect is (http:…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question