Secure WebService Failing

Discussion in 'ASP .Net' started by Matt Sollars, Jul 29, 2003.

  1. Matt Sollars

    Matt Sollars Guest

    I've struggled with this problem, and it's lack of examples, for a couple of
    months now. On several different web applications that we have written, we
    need to communicate with a credit card merchant servicer. On one of the
    projects a secure connection was made with a WebRequest object and during
    the reply, a trust error was received. I can't remember the full details due
    to the time it's been since that project.

    The most recent project required a secure connection via a web service that
    the merchant service provides. I instantiate an instance of the service and
    call the method that processes the credit card. No matter what I try to get
    around it, I get the same error message:

    System.EntryPointNotFoundException: Unable to find an entry point named
    EnumerateSecurityPackagesW in DLL security.dll.

    The stack trace results in the following:

    [EntryPointNotFoundException: Unable to find an entry point named
    EnumerateSecurityPackagesW in DLL security.dll.]
    System.Net.NativeNTSSPI.EnumerateSecurityPackagesW(Int32& pkgnum, IntPtr&
    arrayptr) +0
    System.Net.SSPISecureChannelType.EnumerateSecurityPackages(Int32& pkgnum,
    IntPtr& arrayptr) +45
    System.Net.SSPIWrapper.EnumerateSecurityPackages(SSPIInterface SecModule)
    +57
    System.Net.SSPIWrapper.GetSupportedSecurityPackages(SSPIInterface
    SecModule) +29
    System.Net.SecureChannel..cctor() +41

    [TypeInitializationException: The type initializer for
    "System.Net.SecureChannel" threw an exception.]
    System.Net.SecureChannel..ctor(String hostname, X509CertificateCollection
    clientCertificates) +0
    System.Net.TlsStream.Handshake(ProtocolToken message) +51

    [WebException: The underlying connection was closed: Could not establish
    secure channel for SSL/TLS.]
    System.Net.HttpWebRequest.CheckFinalStatus() +674
    System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult asyncResult)
    +74
    System.Net.HttpWebRequest.GetRequestStream() +132
    System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String
    methodName, Object[] parameters) +105

    MyApplication.net.eftsecure.va.TRANSACTION_PROCESSING.BANKCARD_AUTHONLY(Stri
    ng M_ID, String M_KEY, String C_NAME, String C_ADDRESS, String C_CITY,
    String C_STATE, String C_ZIP, String C_COUNTRY, String C_EMAIL, String
    C_CARDNUMBER, String C_EXP, String C_CVV, String T_CUSTOMER_NUMBER, String
    T_AMT, String T_SHIPPING, String T_TAX, String T_ORDERNUM, String
    C_TELEPHONE, String C_FAX, String C_SHIP_NAME, String C_SHIP_ADDRESS, String
    C_SHIP_CITY, String C_SHIP_STATE, String C_SHIP_ZIP, String C_SHIP_COUNTRY)
    in c:\inetpub\wwwroot\MyApplication\Web
    References\net.eftsecure.va\Reference.vb:140
    MyApplication.ConfirmOrder.btnConfirm_Click(Object sender, EventArgs e)
    in c:\inetpub\wwwroot\MyApplication\ConfirmOrder.aspx.vb:93
    System.Web.UI.WebControls.Button.OnClick(EventArgs e) +108

    System.Web.UI.WebControls.Button.System.Web.UI.IPostBackEventHandler.RaisePo
    stBackEvent(String eventArgument) +57
    System.Web.UI.Page.RaisePostBackEvent(IPostBackEventHandler
    sourceControl, String eventArgument) +18
    System.Web.UI.Page.RaisePostBackEvent(NameValueCollection postData) +33
    System.Web.UI.Page.ProcessRequestMain() +1247


    I've tried a few things. I created a new class implementing
    ICertificatePolicy that just returns True in the CheckValidationResult
    method and set the ServicePointManager.CertificatePolicy to a new instance
    of that class. I've output the SSL certificate on the server to a CER file
    and added it to the web service's client certificates via
    ClientCertificates.Add(X509Certificate.CreateFromCertFile(Server.MapPath("My
    ApplicationCert.cer"))). Each of these things were tried separately and
    together just before the web service's method is invoked and nothing has
    remedied the problem.

    Please, help. Any suggestions, questions, ideas or examples will be greatly
    appreciated.


    Thanks in advance,

    --
    Matt Sollars

    -------------------
    The Hypersite Network
    2002 N. Salisbury Blvd.
    Suite C
    Salisbury, Maryland 21801
    T: 410.749.2000
    F: 410.219.3400
    http://www.hypersite.net
     
    Matt Sollars, Jul 29, 2003
    #1
    1. Advertising

  2. Hi Matt,

    The error looks more like a certificate issue. Following are few known
    conditions this error may occur.

    1) Mismatched Certificate: a certificate is associated with the user ID of
    the user who installed the certificate (this is the certificate user);
    therefore, the certificate is available only when that user profile is
    loaded. ASP.NET will be running under different account. Check the
    Certificate in the MMC.

    2) Mismatched server name: the server name should be same as the server
    name on the certificate. This is most common problem. If the client and
    server are on the same box, make sure that you are not using ¡°localhost?
    Please change it to server name.

    3) Proxy settings.
    Please check the KB article Q307267
    <http://support.microsoft.com/default.aspx?scid=kb;en-us;Q307267> and make
    sure the certificates are installed properly.

    Thanks very much.

    Regards,

    HuangTM
    Microsoft Online Partner Support
    MCSE/MCSD

    Get Secure! ¨C www.microsoft.com/security
    This posting is provided ¡°as is¡± with no warranties and confers no rights.
     
    Tian Min Huang, Jul 30, 2003
    #2
    1. Advertising

  3. Matt Sollars

    Matt Sollars Guest

    Thanks a lot, Tian. I'll look into that. It's probably the user issue. I
    guess I'll have to impersonate that user.

    Matt


    "Tian Min Huang" <> wrote in message
    news:...
    Hi Matt,

    The error looks more like a certificate issue. Following are few known
    conditions this error may occur.

    1) Mismatched Certificate: a certificate is associated with the user ID of
    the user who installed the certificate (this is the certificate user);
    therefore, the certificate is available only when that user profile is
    loaded. ASP.NET will be running under different account. Check the
    Certificate in the MMC.

    2) Mismatched server name: the server name should be same as the server
    name on the certificate. This is most common problem. If the client and
    server are on the same box, make sure that you are not using ¡°localhost?
    Please change it to server name.

    3) Proxy settings.
    Please check the KB article Q307267
    <http://support.microsoft.com/default.aspx?scid=kb;en-us;Q307267> and make
    sure the certificates are installed properly.

    Thanks very much.

    Regards,

    HuangTM
    Microsoft Online Partner Support
    MCSE/MCSD

    Get Secure! ¨C www.microsoft.com/security
    This posting is provided ¡°as is¡± with no warranties and confers no rights.
     
    Matt Sollars, Jul 30, 2003
    #3
  4. Matt Sollars

    Munish Sethi Guest

    Tim,

    I have the same error, but the problem is only on ISP side..any ideas?
    Following is a brief description of my problem...

    I have an aspx page, code for which I am including in mail. This page
    works only for a few hours a day. It is inconsistent code does NOT
    change but the page stops working. This page works fine on localhost
    (at all
    times) however at my ISP it is a different story. It works randomly ,
    as best I can figure out it works for a few hours every day. Nothing is
    consistent and it works in a random fashion. It appears to be some kind
    of
    sever specific issue at my ISP. Is anyone else having similar problems?
    ISP (webhost4life) has not been of much help. Why does this page find
    the entry point every so often and then does not find it?

    Error Message that is reported

    Unable to find an entry point named EnumerateSecurityPackagesW in DLL
    security.dll.

    It fails on the following line of code

    Dim postData As Stream = oHttp.GetRequestStream()

    Following is the stack trace output

    [EntryPointNotFoundException: Unable to find an entry point named
    EnumerateSecurityPackagesW in DLL security.dll.]
    System.Net.NativeNTSSPI.EnumerateSecurityPackagesW(Int32& pkgnum,
    IntPtr&
    arrayptr) +0
    System.Net.SSPISecureChannelType.EnumerateSecurityPackages(Int32&
    pkgnum,
    IntPtr& arrayptr) +45
    System.Net.SSPIWrapper.EnumerateSecurityPackages(SSPIInterface
    SecModule)
    +57
    System.Net.SSPIWrapper.GetSupportedSecurityPackages(SSPIInterface
    SecModule) +29
    System.Net.SecureChannel..cctor() +41

    [TypeInitializationException: The type initializer for
    "System.Net.SecureChannel" threw an exception.]
    System.Net.SecureChannel..ctor(String hostname,
    X509CertificateCollection
    clientCertificates) +0
    System.Net.TlsStream.Handshake(ProtocolToken message) +51

    [WebException: The underlying connection was closed: Could not establish
    secure channel for SSL/TLS.]
    System.Net.HttpWebRequest.CheckFinalStatus() +676
    System.Net.HttpWebRequest.EndGetRequestStream(IAsyncResult
    asyncResult)
    +75
    System.Net.HttpWebRequest.GetRequestStream() +132
    ASP.test_aspx.Page_Load(Object sender, EventArgs e) in
    c:\webhost4life_aspnet\cincospa\aspx\test.aspx:37
    System.Web.UI.Control.OnLoad(EventArgs e) +67
    System.Web.UI.Control.LoadRecursive() +35
    System.Web.UI.Page.ProcessRequestMain() +731


    ____________________________________________________________
    Complete code for this aspx page
    ____________________________________________________________

    <%@ Page Debug="true" Language="vb" AutoEventWireup="false"%>
    <%@ Import Namespace="System.Net" %>
    <%@ Import Namespace="System.IO" %>
    <%@ Import Namespace="System.Text" %>
    <%@ Import Namespace="System.Web.HttpRequest" %>
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
    <html>
    <head>
    <title>test</title>
    <meta name="GENERATOR" content="Microsoft Visual Studio .NET 7.1">
    <meta name="CODE_LANGUAGE" content="Visual Basic .NET 7.1">
    <meta name=vs_defaultClientScript content="JavaScript">
    <meta name=vs_targetSchema
    content="http://schemas.microsoft.com/intellisense/ie5">
    </head>
    <body MS_POSITIONING="GridLayout">

    <form id="Form1" method="post" runat="server">

    <script language="vb" runat="server">
    Private Sub Page_Load(ByVal sender As System.Object, ByVal e As
    System.EventArgs) Handles MyBase.Load
    ' 'Put user code to initialize the page here

    ' ' Create Web Request
    Dim url As String = "https://secure.authorize.net/gateway/transact.dll"
    Dim params As String = String.Empty

    Dim oHttp As HttpWebRequest = CType(WebRequest.Create(Url),
    HttpWebRequest)

    ' Post form variables
    params = "x_Version=" & "3.1" & "&x_delim_data=" & "True" + "&x_Login="
    &
    "userid" & "&x_tran_key=" & "somepwd" _
    + "&x_Amount=" & "1" & "&x_Card_Num=" & "1234567812345678" +
    "&x_Exp_Date="
    & "1234" + "&x_Type=" + "AUTH_CAPTURE"

    oHttp.Method = "POST"

    Dim postBuffer() As Byte =
    System.Text.Encoding.GetEncoding(1252).GetBytes(Params)
    oHttp.ContentLength = postBuffer.Length
    Dim postData As Stream = oHttp.GetRequestStream()
    postData.Write(postBuffer, 0, postBuffer.Length)
    postData.Close()

    ' Get results
    Dim myResponse As HttpWebResponse = CType(oHttp.GetResponse(),
    HttpWebResponse)
    Dim enc As Encoding = System.Text.Encoding.GetEncoding(1252)

    Dim loResponseStream As StreamReader
    loResponseStream = New StreamReader(myResponse.GetResponseStream(), enc)
    Dim retHtml As String = loResponseStream.ReadToEnd()
    myResponse.Close()
    loResponseStream.Close()

    Response.Write(retHtml)
    End Sub

    </script>

    </form>

    </body>
    </html>




    <b> Munish </b>

    *** Sent via Developersdex http://www.developersdex.com ***
    Don't just participate in USENET...get rewarded for it!
     
    Munish Sethi, Aug 5, 2003
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. A.M
    Replies:
    5
    Views:
    5,471
    Teemu Keiski
    Jun 8, 2004
  2. Daniel Malcolm
    Replies:
    0
    Views:
    566
    Daniel Malcolm
    Jan 24, 2005
  3. zdrakec
    Replies:
    1
    Views:
    443
    zdrakec
    Jul 25, 2005
  4. Joe
    Replies:
    5
    Views:
    974
    Steven Cheng[MSFT]
    Dec 13, 2005
  5. verbal kint
    Replies:
    1
    Views:
    556
    Sudsy
    Sep 4, 2004
Loading...

Share This Page