Link to home
Start Free TrialLog in
Avatar of HItesh Rana
HItesh Rana

asked on

My payload is not being encrypted for a web service call.

I'm calling a web service where I'm suppose to encrypt the data being passed over.    When I look at the diagnostic file I don't see my payload being encrypted.  Am I missing something in the app.config file for the encryption to occur?

Here is my app.config file:
<system.diagnostics>
    <sources>
      <source name="System.ServiceModel.MessageLogging">
        <listeners>
          <add name="messages"
          type="System.Diagnostics.XmlWriterTraceListener"
          initializeData="c:\logs\messages.xml" />
        </listeners>
      </source>
    </sources>
  </system.diagnostics>


  <system.serviceModel>
    <diagnostics>
      <messageLogging
           logEntireMessage="true"
           logMalformedMessages="false"
           logMessagesAtServiceLevel="true"
           logMessagesAtTransportLevel="false"
           maxMessagesToLog="3000"
           maxSizeOfMessageToLog="2000"/>
    </diagnostics>
    <bindings>
        <wsHttpBinding>
          <binding name="CoreSoapPortBinding">
            <security mode="Transport">  
              <transport clientCredentialType="Certificate"/>  
            </security>  
          </binding>  
        </wsHttpBinding>  
    </bindings>
    <client>
        <endpoint address="https://xxxxxxxxx/ESARWS/CORETransactionService"
            binding="wsHttpBinding" bindingConfiguration="CoreSoapPortBinding"
            contract="ESAR.CORETransaction" name="CoreSoapPort" behaviorConfiguration="endpointCredentialBehavior" />
    </client>
   <behaviors>  
     <endpointBehaviors>  
        <behavior name="endpointCredentialBehavior">  
          <clientCredentials>  
            <clientCertificate findValue="xxxxxxxx.org"
                               storeLocation="CurrentUser"  
                               storeName="My"
                               x509FindType="FindBySubjectName" />
           <serviceCertificate>
             <defaultCertificate findValue="xxxxxxx.gov"
                               storeLocation="CurrentUser"  
                               storeName="AddressBook"
                               x509FindType="FindBySubjectName" />   
        
           </serviceCertificate>
        
          </clientCredentials>  
        </behavior>  
     </endpointBehaviors>  
  </behaviors>  
    
</system.serviceModel> 

Open in new window

Avatar of zc2
zc2
Flag of United States of America image

Only a couple guesses. The diagnostic saves the payload before it being encrypted, thus you see the unencrypted data in the log.
The fact that you are using the HTTPS protocol should be enough to be sure the payload is transferred encrypted. To make sure, try to use a debug proxy tool like Telerik Fiddler or a sniffing tool like Wireshark or MS net monitor and check that the connection is indeed encrypted.
Avatar of HItesh Rana
HItesh Rana

ASKER

Thank you for responding and insight into how things work.  I had a co-worker who generated proxy file to wse 3.0 ( I used WCF).  He was able to encrypt the data after looking at the log file. The data was encrypted.   I will definitely install Wireshark tomorrow to confirm.  Maybe in WCF the log file does not show the encrypted state in the log file.  Thanks.
This question needs an answer!
Become an EE member today
7 DAY FREE TRIAL
Members can start a 7-Day Free trial then enjoy unlimited access to the platform.
View membership options
or
Learn why we charge membership fees
We get it - no one likes a content blocker. Take one extra minute and find out why we block content.