Click here to Skip to main content
15,919,931 members
Please Sign up or sign in to vote.
4.00/5 (1 vote)
See more:
Hello,

We are running a SOAP service application (wse 3 but also complying with WCF). Apart from being a service itself, the app also retrieves information from a third party using a HttpRequest instance with SSL.

When running that HttpRequest instance with a unit test, the third party service recognizes the given certificate and it works just fine.
However, when our SOAP service application is running in IIS, the third party does not recognize the certificate anymore:

" The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel."

What is different when an HttpClient is running under IIS? Does it change the requests I send using a HttpRequest?

How can I set this straight (configuration?)?

Thanks.
Posted
Updated 18-Mar-11 0:40am
v4

1 solution

This article gave me an idea how to solve the problem.
Asp.net checks whether a server certificate's name "CN= ..." matches the server's domain name.

So if the external server's certificate does not comply to that rule a https request from a asp.net application will not trust the connection. So if you have no chance to change the external server's configuration (3rd party) you have to disable the check.

It can be switched off by passing a custom delegate to asp.net's (mainly) static ServicePointManager class.

I put that bit into a static constructor of my https connector-class:
(however that check will be switched off for any https connection in the whole application)

public class MyExternalSslServiceConnector : IMyExternalServiceConnector<br />
{<br />
	 protected string ServiceUrl { get; set; }<br />
	 public X509Certificate2 SslCertificate { get; set; }<br />
<br />
	 static MyExternalSslServiceConnector()<br />
	 {<br />
		  ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };<br />
	 }<br />
<br />
	 public MyExternalSslServiceConnector(string myExternalServiceUrl, X509Certificate2 sslCertificate)<br />
	 {<br />
		  this.ServiceUrl = myExternalServiceUrl;<br />
		  this.SslCertificate = sslCertificate;<br />
	 }<br />
	<br />
	 // further implementation using HttpRequest class [...]<br />
}


Kind regards, C.
 
Share this answer
 
Comments
Yusuf 18-Mar-11 11:48am    
Nice to see you solved your own problem/question. +5

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



CodeProject, 20 Bay Street, 11th Floor Toronto, Ontario, Canada M5J 2N8 +1 (416) 849-8900