Matthew
Hi!
Hoping for some help here re client certificates and SSL. The following
method:
========================================================================
' Fragment as posted: the rest of the Try block and the End Sub are not shown.
Public Sub SimpleXMLSendReceive()
Try
m_StartTime = Now
Dim FileName As String
Dim Request = CreateWebRequest()
' The "--crashes->" marker below is the poster's annotation, not code. Per the post,
' the "could not establish a secure connection" error is raised by GetRequestStream().
' The stream is passed inline and not kept in a variable, so nothing in the lines
' shown closes it - NOTE(review): confirm against the part of the method not posted.
--crashes-> m_XmlIn.Save(Request.GetRequestStream())
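' Builds the HTTPS POST request for m_URL/m_Operation and attaches the client
' certificate whose subject matches "XYZ".
'
' Returns: the configured HttpWebRequest; nothing has been sent yet.
' Throws:  System.InvalidOperationException when no matching certificate is found,
'          instead of passing Nothing to ClientCertificates.Add and failing with a
'          less specific error.
Private Function CreateWebRequest() As HttpWebRequest
    Dim objRequest As HttpWebRequest = CType(WebRequest.Create(m_URL & "/" & m_Operation), HttpWebRequest)
    SetProxy(objRequest.Proxy)
    objRequest.Method = "POST"
    objRequest.ContentType = "application/x-www-form-urlencoded"
    objRequest.Timeout = 300000

    ' NOTE(review): this reads the current user's *Root* store, which normally holds
    ' trusted CA certificates. A certificate used for TLS client authentication needs
    ' its private key, and that usually lives in the Personal store
    ' (X509CertificateStore.MyStore). A certificate without a usable private key cannot
    ' complete the handshake - confirm which store the test certificate was installed in.
    Dim certStore As X509CertificateStore
    certStore = X509CertificateStore.CurrentUserStore(X509CertificateStore.RootStore.ToString)
    certStore.OpenRead()

    Dim cert As X509Certificates.X509Certificate = Nothing
    Try
        ' Query the store once and reuse the result.
        With certStore.FindCertificateBySubjectString("XYZ")
            If .Count > 0 Then
                cert = .Item(0)
            End If
        End With
    Finally
        ' Release the store handle whether or not the lookup succeeded.
        certStore.Close()
    End Try

    If cert Is Nothing Then
        Throw New System.InvalidOperationException("No client certificate with subject ""XYZ"" was found in the certificate store.")
    End If

    objRequest.ClientCertificates.Add(cert)
    Return objRequest
End Function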
========================================================================
I am attaching the cert ok, and I have IIS configured to require a
secure connection and to require a client cert. The URL for the post is an
HTTPS address. When I hit the GetRequestStream call I get:
"The underlying connection was closed: could not establish a secure
connection."
I am using test certificates, and when I change to another one the
error becomes "could not establish a trust relationship" (I think this
may be related to the Untrusted Root Authority error).
I have tried implementing a custom ICertificatePolicy as follows :
========================================================================
' Certificate-validation HRESULTs (the CERT_E_* family, 0x800B01xx) written as
' unsigned 32-bit values held in a Long.
'
' CheckValidationResult in this post receives the problem code as a signed Integer,
' so the same codes arrive there as negative numbers. Widen before comparing, e.g.
' (CLng(certificateProblem) And &HFFFFFFFFL) = CertificateProblem.CertUNTRUSTEDROOT.
Public Enum CertificateProblem As Long
    CertEXPIRED = &H800B0101L
    CertVALIDITYPERIODNESTING = &H800B0102L
    CertROLE = &H800B0103L
    CertPATHLENCONST = &H800B0104L
    CertCRITICAL = &H800B0105L
    CertPURPOSE = &H800B0106L
    CertISSUERCHAINING = &H800B0107L
    CertMALFORMED = &H800B0108L
    CertUNTRUSTEDROOT = &H800B0109L
    CertCHAINING = &H800B010AL
    CertREVOKED = &H800B010CL
    CertUNTRUSTEDTESTROOT = &H800B010DL
    CertREVOCATION_FAILURE = &H800B010EL
    CertCN_NO_MATCH = &H800B010FL
    CertWRONG_USAGE = &H800B0110L
    CertUNTRUSTEDCA = &H800B0112L
End Enum
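' Policy consulted by System.Net to decide whether to accept the certificate the
' SERVER presented during the TLS handshake.
'
' Returning True unconditionally would accept expired, revoked, wrong-host and
' untrusted certificates alike, so any endpoint able to intercept the connection
' could pose as the server and receive the posted data. This version accepts a
' certificate only when validation reported no problem.
'
' For test certificates, import the test CA's root certificate into the client's
' trusted root store rather than relaxing this check. Note that this callback judges
' the server's certificate only; it has no say in whether the server accepts the
' client certificate attached to the request.
Class CertPol
    Implements ICertificatePolicy

    ' srvPoint:           the service point the connection belongs to (unused here).
    ' certificate:        the certificate under validation (unused here).
    ' request:            the request that triggered the validation (unused here).
    ' certificateProblem: 0 when validation succeeded, otherwise the problem code as a
    '                     signed Integer.
    ' Returns True only when no validation problem was reported.
    Public Function CheckValidationResult(ByVal srvPoint As System.Net.ServicePoint, _
            ByVal certificate As System.Security.Cryptography.X509Certificates.X509Certificate, _
            ByVal request As System.Net.WebRequest, _
            ByVal certificateProblem As Integer) As Boolean _
            Implements System.Net.ICertificatePolicy.CheckValidationResult
        Return certificateProblem = 0
    End Function
End Class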
========================================================================
And registered it with ServicePointManager prior to the problem call:
========================================================================
' ServicePointManager.CertificatePolicy is a Shared setting: once assigned, whatever
' CertPol.CheckValidationResult returns decides server-certificate acceptance for every
' HTTPS request made through System.Net in this application, not just the one request.
System.Net.ServicePointManager.CertificatePolicy = New CertPol()
========================================================================
to try to override the issue... but no dice.
Any ideas would be much appreciated.
Thanks,
Matt
Hoping for some help here re client certificates and SSL. The following
method:
========================================================================
' Fragment as posted: the rest of the Try block and the End Sub are not shown.
Public Sub SimpleXMLSendReceive()
Try
m_StartTime = Now
Dim FileName As String
Dim Request = CreateWebRequest()
' The "--crashes->" marker below is the poster's annotation, not code. Per the post,
' the "could not establish a secure connection" error is raised by GetRequestStream().
' The stream is passed inline and not kept in a variable, so nothing in the lines
' shown closes it - NOTE(review): confirm against the part of the method not posted.
--crashes-> m_XmlIn.Save(Request.GetRequestStream())
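' Builds the HTTPS POST request for m_URL/m_Operation and attaches the client
' certificate whose subject matches "XYZ".
'
' Returns: the configured HttpWebRequest; nothing has been sent yet.
' Throws:  System.InvalidOperationException when no matching certificate is found,
'          instead of passing Nothing to ClientCertificates.Add and failing with a
'          less specific error.
Private Function CreateWebRequest() As HttpWebRequest
    Dim objRequest As HttpWebRequest = CType(WebRequest.Create(m_URL & "/" & m_Operation), HttpWebRequest)
    SetProxy(objRequest.Proxy)
    objRequest.Method = "POST"
    objRequest.ContentType = "application/x-www-form-urlencoded"
    objRequest.Timeout = 300000

    ' NOTE(review): this reads the current user's *Root* store, which normally holds
    ' trusted CA certificates. A certificate used for TLS client authentication needs
    ' its private key, and that usually lives in the Personal store
    ' (X509CertificateStore.MyStore). A certificate without a usable private key cannot
    ' complete the handshake - confirm which store the test certificate was installed in.
    Dim certStore As X509CertificateStore
    certStore = X509CertificateStore.CurrentUserStore(X509CertificateStore.RootStore.ToString)
    certStore.OpenRead()

    Dim cert As X509Certificates.X509Certificate = Nothing
    Try
        ' Query the store once and reuse the result.
        With certStore.FindCertificateBySubjectString("XYZ")
            If .Count > 0 Then
                cert = .Item(0)
            End If
        End With
    Finally
        ' Release the store handle whether or not the lookup succeeded.
        certStore.Close()
    End Try

    If cert Is Nothing Then
        Throw New System.InvalidOperationException("No client certificate with subject ""XYZ"" was found in the certificate store.")
    End If

    objRequest.ClientCertificates.Add(cert)
    Return objRequest
End Function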
========================================================================
I am attaching the cert ok, and I have IIS configured to require a
secure connection and to require a client cert. The URL for the post is an
HTTPS address. When I hit the GetRequestStream call I get:
"The underlying connection was closed: could not establish a secure
connection."
I am using test certificates, and when I change to another one the
error becomes "could not establish a trust relationship" (I think this
may be related to the Untrusted Root Authority error).
I have tried implementing a custom ICertificatePolicy as follows :
========================================================================
' Certificate-validation HRESULTs (the CERT_E_* family, 0x800B01xx) written as
' unsigned 32-bit values held in a Long.
'
' CheckValidationResult in this post receives the problem code as a signed Integer,
' so the same codes arrive there as negative numbers. Widen before comparing, e.g.
' (CLng(certificateProblem) And &HFFFFFFFFL) = CertificateProblem.CertUNTRUSTEDROOT.
Public Enum CertificateProblem As Long
    CertEXPIRED = &H800B0101L
    CertVALIDITYPERIODNESTING = &H800B0102L
    CertROLE = &H800B0103L
    CertPATHLENCONST = &H800B0104L
    CertCRITICAL = &H800B0105L
    CertPURPOSE = &H800B0106L
    CertISSUERCHAINING = &H800B0107L
    CertMALFORMED = &H800B0108L
    CertUNTRUSTEDROOT = &H800B0109L
    CertCHAINING = &H800B010AL
    CertREVOKED = &H800B010CL
    CertUNTRUSTEDTESTROOT = &H800B010DL
    CertREVOCATION_FAILURE = &H800B010EL
    CertCN_NO_MATCH = &H800B010FL
    CertWRONG_USAGE = &H800B0110L
    CertUNTRUSTEDCA = &H800B0112L
End Enum
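' Policy consulted by System.Net to decide whether to accept the certificate the
' SERVER presented during the TLS handshake.
'
' Returning True unconditionally would accept expired, revoked, wrong-host and
' untrusted certificates alike, so any endpoint able to intercept the connection
' could pose as the server and receive the posted data. This version accepts a
' certificate only when validation reported no problem.
'
' For test certificates, import the test CA's root certificate into the client's
' trusted root store rather than relaxing this check. Note that this callback judges
' the server's certificate only; it has no say in whether the server accepts the
' client certificate attached to the request.
Class CertPol
    Implements ICertificatePolicy

    ' srvPoint:           the service point the connection belongs to (unused here).
    ' certificate:        the certificate under validation (unused here).
    ' request:            the request that triggered the validation (unused here).
    ' certificateProblem: 0 when validation succeeded, otherwise the problem code as a
    '                     signed Integer.
    ' Returns True only when no validation problem was reported.
    Public Function CheckValidationResult(ByVal srvPoint As System.Net.ServicePoint, _
            ByVal certificate As System.Security.Cryptography.X509Certificates.X509Certificate, _
            ByVal request As System.Net.WebRequest, _
            ByVal certificateProblem As Integer) As Boolean _
            Implements System.Net.ICertificatePolicy.CheckValidationResult
        Return certificateProblem = 0
    End Function
End Class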
========================================================================
And registered it with ServicePointManager prior to the problem call:
========================================================================
' ServicePointManager.CertificatePolicy is a Shared setting: once assigned, whatever
' CertPol.CheckValidationResult returns decides server-certificate acceptance for every
' HTTPS request made through System.Net in this application, not just the one request.
System.Net.ServicePointManager.CertificatePolicy = New CertPol()
========================================================================
to try to override the issue... but no dice.
Any ideas would be much appreciated.
Thanks,
Matt