Solved

.NET WebService client with certificates

Posted on 2012-03-29
14
2,458 Views
Last Modified: 2012-04-04
Hello all.

I am trying to write a simple web service client using Visual Studio 2010.
The WSDL for the service is here:
http://webservices.telus.com/parlayx_wappush_send_service_1_0.wsdl

I was able to call the service using SoapUI using the given certificate file (ext. .crt) and password.

I created a simple console application and added the Web Reference to the service and got a proxy object to call the service.

I spent many hours trying to write a simple function to call the service from my .NET console application but it fails with error:
' Impossible to create a secure SSL/TSL canal'

    static void Main(string[] args)
    {
      SendWapPushService swps = new SendWapPushService();
      sendWapPush swp = new sendWapPush();
      X509Certificate cert = X509Certificate.CreateFromCertFile("MyCertFile.crt");
      swps.ClientCertificates.Add(cert);
      NetworkCredential nwCredential = new NetworkCredential("<user>", "<pwd>");
      swps.Credentials = nwCredential;

      swp.address = ... (same params as with SoapUI test)
      ...
      try
      {
        swps.sendWapPush(swp);
      }
      catch (Exception ex)
      {
         ...
      }

I just can't find how to setup the call (credentials / certificate) ... in my .Net example.

Ant help would be greatly appreciated.

Best regards

Noel
No matter what i try, it alway return that same exception ...
0
Comment
Question by:Buz007
  • 7
  • 5
  • 2
14 Comments
 
LVL 9

Expert Comment

by:lojk
ID: 37786271
The service, when accessed from a browser over https reports that the certifcate is not valid or self-signed (i.e. not trusted by your browser and/or machine certificate store).

here is the error from the Add Service Reference box in VS2010 on my machine...

There was an error downloading 'https://webservices.telus.com/parlayx_wappush_send_service_1_0.wsdl'.
The request was aborted: Could not create SSL/TLS secure channel.
Metadata contains a reference that cannot be resolved: 'https://webservices.telus.com/parlayx_wappush_send_service_1_0.wsdl'.
Could not establish secure channel for SSL/TLS with authority 'webservices.telus.com'.
The request was aborted: Could not create SSL/TLS secure channel.
If the service is defined in the current solution, try building the solution and adding the service reference again.

So until you get the site certificate signed by a CA (i.e. create the cert on the machine issuing the ssl channel and generate a CSR and install the signed reply on the IIS box) i dont think it will work.

As far as i am aware you cant just copy the cert from another machine unless there is a valid certificate trust chain for that certificate on that box - I dont think primarily it is an authentication issue but what are you running this on? IIS6/7?
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786490
Not sure if you've already seen this one but here is a fairly thorough walkthrough that may help (that is more specific to your question than my answer is)..

http://www.codeproject.com/Articles/18601/An-easy-way-to-use-certificates-for-WCF-security
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37786641
hmm, where do you see 'service' class??? I get only 'client' :)
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786863
When adding the service to my (test) console app here is what i get...

(see attached)
Capture9.PNG
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786869
works fine when i add it without SSL

(see attached)
Capture10.PNG
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37786894
exactly, so my question still stands :) -

where does "SendWapPushService swps = new SendWapPushService();" in OP come from?
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786933
huh? I dont understand what you mean?

The name SendWapPushService is effectively the name/location of the class where your WCF service is declared - when adding the service reference, other than the namespace you provide the rest is dervied from the info in the wsdl and/or the url...
0
What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37786959
unless I'm missing something obvious, the only thing one [usually] provides when adding a reference is the reference name (ie namespace) which is then added as '<your main manespace>.<your ref name>', and then the classes names inside the proxy are taken from wsdl file.
0
 
LVL 9

Expert Comment

by:lojk
ID: 37786998
Yep - what i am saying is that your declaring WCF class/service name (must) contains the word 'Service' and that is also hosted in a similiarly named Virtual Directory/Application but i dont understand what you are actually asking me in ID: 37786641or ID: 37786894

Can you clarify what your actual question is please - did my original comment not help?
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37787081
I'm not the one who asked the question :), I've been trying to help.

so what I meant in my posts is very simple:

the author of the OP asked "I am trying to write a simple web service client using Visual Studio 2010.", so once you added the service reference (yes, it shows you service name - SendWapPushService with one interface, but it obviously can have  many) you then add something like

using mytest.ServiceReference1;

Open in new window

...

to your console app. Then you want to create an instance of the client, don't you? In order do do it and to see all offered classes, you could write something like

mytest.ServiceReference1. <---- 'dot' here, to see everything

Open in new window


so once you did it with provided wsdl, the only potential 'main' client class I see is SendWapPush1Client.

Hence my question - NOT the one that author asked... :) That's it. Am I missing something here?
0
 

Accepted Solution

by:
Buz007 earned 0 total points
ID: 37787526
Update ...

I found the problem / solution !

The part i was missing is that the certificates had to be installed on the client computer, as explained here :

http://msdn.microsoft.com/en-us/library/ff649205.aspx

In this section:
Step 5. Install the Certificate Authority's Certificate on the Client Computer

(i found later on that simply right clicking on the certificate and selecting 'Install' open the mmc to allow the certificate installation)

The SendWapPushService is effectively the proxy object that is created when the reference is added to the project, which is used to call the service:

In case it could help someone else, here is the code for the test app. (which works after the certificates are added to the client computer)

   static void Main(string[] args)
    {
      SendWapPushService swps = new SendWapPushService();
      sendWapPush swp = new sendWapPush();
      sendWapPushResponse resp;

      X509Certificate2 cert = new X509Certificate2("<CertFname>", "<pwd>");
     
      swps.ClientCertificates.Add(cert);

      swp.addresses = new string [] {"..."};
      swp.type = WapPushType.ServiceIndication;
      swp.alertText = "Alert text";
      try
      {
        resp = swps.sendWapPush(swp);
      }
      catch (Exception ex)
      {
       
      }
    }
0
 
LVL 24

Expert Comment

by:alexey_gusev
ID: 37787543
weird, but it doesn't appear for me :)
tried with vs2010, vs2008 - I see only xxxClient class, but anyway, glad to hear you found the solution.
0
 
LVL 9

Expert Comment

by:lojk
ID: 37788340
was gonna object to the close as ID: 37786271 does come pretty close to your solution but cant be bothered

apologies to alexy_gusev - got a bit confused there...
0
 

Author Closing Comment

by:Buz007
ID: 37805131
Because it works and solves my problem.
0

Featured Post

Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

Join & Write a Comment

While working on Silverlight and WCF application, I faced one issue where fault exception occurred at WCF operation contract is not getting propagated to Silverlight client. So after searching net I came to know that it was behavior by default for s…
Many of us here at EE write code. Many of us write exceptional code; just as many of us write exception-prone code. As we all should know, exceptions are a mechanism for handling errors which are typically out of our control. From database errors, t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

746 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now