I am facing an issue and cannot find a solution to work.
I have to send a https soap request to a web service. I don t have to use credentials for authentication to that web service but i have a certificate (.pem format).I have composed the soap envelope..i am making the request but i have the same error every
time(401): the remote server returned unauthorized...The certificate is installed .When i am trying to send the .pem file from c# i get :"input data could not be coded as a valid certificate".I converted the certificate with openssl to other formats but still
the same errors.It seems that my framework only supports .cer or .pfx formats.I dont know what else to do...I read about encrypting/decrypting the soap message or about wse security but don t know where to start from now.I also opened the .pem file under
text format.It contains a Public Key:rsa encryption;and a signature algorithm:sha1withRsaencryption and some certificate policies.It a x509 v3 certificate
Note:- As you already have certificate it is required to 1) Add it the client machine store as discussed in above articles 2) Add required configuration in client configuration file i.e., custom behaviour.
Thanks for your response.The problem is that I am a little confused and I do not have enough informations.Some one else installed the certificate on our server and my mission was just to write some code to get a response from the external webservice.I thought
that simply sending the certificate from C# will be enough for authorization.Don t I have to convert also the certificate to another format?
The problem is that I am a little confused and I do not have enough informations.Some one else installed the certificate on our server and my mission was just to write some code to get a response from the external webservice.
thanks for your response.
Note that when the request is SENT to the Web service it is required to attach the certificate and send the request. The digital certificate should be installed on the machine where your web application has been hosted and sending request to the web service.
During development phase you may attach the digital certificate to your local store.
adrianrpd20
I thought that simply sending the certificate from C# will be enough for authorization.Don t I have to convert also the certificate to another format?
It is required to add custom behaviour to client application(web application). of course it is feasible to do the same from source. check with the admin/developer who has installed the certificate, there is no need to convert the certificate.
Go through the articles referred above & implement the suggested. Let me us further queries.
After more researching ...still not been able to solve the problem.The certificate is imported ..works from browser...works when trying with soap tools but cannot send that pfx from code.that pfx contains also my private key.if converting to .cer or .der
the private key gets lost.
So how can i send that private key...can it be done from soap message when writing the message?
adrianrpd20
Member
1 Points
18 Posts
web service
Jan 04, 2013 08:39 PM|LINK
Hello,
I am facing an issue and cannot find a solution to work.
I have to send a https soap request to a web service. I don t have to use credentials for authentication to that web service but i have a certificate (.pem format).I have composed the soap envelope..i am making the request but i have the same error every time(401): the remote server returned unauthorized...The certificate is installed .When i am trying to send the .pem file from c# i get :"input data could not be coded as a valid certificate".I converted the certificate with openssl to other formats but still the same errors.It seems that my framework only supports .cer or .pfx formats.I dont know what else to do...I read about encrypting/decrypting the soap message or about wse security but don t know where to start from now.I also opened the .pem file under text format.It contains a Public Key:rsa encryption;and a signature algorithm:sha1withRsaencryption and some certificate policies.It a x509 v3 certificate
Any ideea would be great.
Thanks
sukumarraju
All-Star
16951 Points
2999 Posts
Re: web service
Jan 04, 2013 10:34 PM|LINK
It is required to add the digital certificate to your store using mmc (explained below)
Add custom behaviour in client configuration (web.config)
Refer http://www.codeproject.com/Articles/36683/9-simple-steps-to-enable-X-509-certificates-on-WCF
Also refer Consume the WCF Service by the client and authenticate with a client certificate to the service
Note:- As you already have certificate it is required to 1) Add it the client machine store as discussed in above articles 2) Add required configuration in client configuration file i.e., custom behaviour.
Let me know further queries.
Application Architecture Guide 2.0
My Blog
Twitter
adrianrpd20
Member
1 Points
18 Posts
Re: web service
Jan 05, 2013 09:34 AM|LINK
Thanks for your response.The problem is that I am a little confused and I do not have enough informations.Some one else installed the certificate on our server and my mission was just to write some code to get a response from the external webservice.I thought that simply sending the certificate from C# will be enough for authorization.Don t I have to convert also the certificate to another format?
thanks for your response.
adrianrpd20
Member
1 Points
18 Posts
Re: web service
Jan 05, 2013 10:57 PM|LINK
one more thing.the web service which i am trying to invoke is on weblogic server.
sukumarraju
All-Star
16951 Points
2999 Posts
Re: web service
Jan 07, 2013 09:03 AM|LINK
Note that when the request is SENT to the Web service it is required to attach the certificate and send the request. The digital certificate should be installed on the machine where your web application has been hosted and sending request to the web service. During development phase you may attach the digital certificate to your local store.
It is required to add custom behaviour to client application(web application). of course it is feasible to do the same from source. check with the admin/developer who has installed the certificate, there is no need to convert the certificate.
Go through the articles referred above & implement the suggested. Let me us further queries.
Application Architecture Guide 2.0
My Blog
Twitter
adrianrpd20
Member
1 Points
18 Posts
Re: web service
Jan 11, 2013 01:01 PM|LINK
After more researching ...still not been able to solve the problem.The certificate is imported ..works from browser...works when trying with soap tools but cannot send that pfx from code.that pfx contains also my private key.if converting to .cer or .der the private key gets lost.
So how can i send that private key...can it be done from soap message when writing the message?
thanks
sukumarraju
All-Star
16951 Points
2999 Posts
Re: web service
Jan 14, 2013 08:10 PM|LINK
http://www.codeproject.com/Articles/28395/Attaching-a-digital-certificate-public-key-to-an-H
http://msdn.microsoft.com/en-us/library/aa529568.aspx
Application Architecture Guide 2.0
My Blog
Twitter