Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Web Services > The remote certificate is invalid according to the validation proc

Reply
Thread Tools

The remote certificate is invalid according to the validation proc

 
 
Bart
Guest
Posts: n/a
 
      05-11-2006
Hi,

I have a webservice that is running fine without SSL.
When I call my webservice over SSL I recieve following error message:

System.Net.WebException:
The underlying connection was closed: Could not establish trust relationship
for the SSL/TLS secure channel.
---> System.Security.Authentication.AuthenticationExcep tion: The remote
certificate is invalid according to the validation procedure..

I added this line to my code to add the certificate:
target.ClientCertificates.Add(System.Security.Cryp tography.X509Certificates.X509Certificate.CreateFr omCertFile("d:\\MyCertFile.cer"));

I'm new to this certificate stuff.

Thanks
Bart

 
Reply With Quote
 
 
 
 
Steven Cheng[MSFT]
Guest
Posts: n/a
 
      05-12-2006
Hi Bart,

Thank you for posting.

From your description, I understand that you're developing an .NET/ASP.NET
webservice and accessing it through .nett gernated proxy at client-side.
Also, the webservice is protected through https/ssl. However, at runtime
when try calling tha webservice , you're getting exception indicate that
the ssl protected connection can not be establshied, correct?

Based on my experience, such error is likely caused by the certificate used
in the SSL/HTTPS connection establishing could not be correctly validated.
In the code you provided, you also add client certificate in your
webservice proxy, so is your server-side service configured to require
client certificate (in IIS)? I'd suggest you consider perform the
following test first to verirfy whether the problem is due to client-side
cert validation or server certificate validation:

1. You can configure the webservice to not require client certificate and
try accessing the server service (without add client certificate) to see
whether it works.

2. If still report error, the problem is concerns with the server service's
SSL certificate or the servername you used to access the server. To do
further troubleshoot, you can first put an html page or aspx page in that
ssl/https protected IIS virtual directory/application and try using IE to
access that page to see whether you can correctly visit that page, also
make sure whether you'll get any warning or error dialog during the
visiting of that page. If there occurs any warning or error dialog, it
indicate there is something not quite correctly against the server SSL
certificate, and when we use webservice proxy to access the service, since
there is not UI to let us interactively process such error condition, it'll
end to an exception...

Please have a check through the above items. If there is anything unclear
or any other finding, please feel free to post here.

Regards,

Steven Cheng
Microsoft Online Community Support


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)




 
Reply With Quote
 
 
 
 
Bart
Guest
Posts: n/a
 
      05-19-2006
Hi Steven,

It was indeed the certificate warning when opening the site.

Thanks for your help.


"Steven Cheng[MSFT]" wrote:

> Hi Bart,
>
> Thank you for posting.
>
> From your description, I understand that you're developing an .NET/ASP.NET
> webservice and accessing it through .nett gernated proxy at client-side.
> Also, the webservice is protected through https/ssl. However, at runtime
> when try calling tha webservice , you're getting exception indicate that
> the ssl protected connection can not be establshied, correct?
>
> Based on my experience, such error is likely caused by the certificate used
> in the SSL/HTTPS connection establishing could not be correctly validated.
> In the code you provided, you also add client certificate in your
> webservice proxy, so is your server-side service configured to require
> client certificate (in IIS)? I'd suggest you consider perform the
> following test first to verirfy whether the problem is due to client-side
> cert validation or server certificate validation:
>
> 1. You can configure the webservice to not require client certificate and
> try accessing the server service (without add client certificate) to see
> whether it works.
>
> 2. If still report error, the problem is concerns with the server service's
> SSL certificate or the servername you used to access the server. To do
> further troubleshoot, you can first put an html page or aspx page in that
> ssl/https protected IIS virtual directory/application and try using IE to
> access that page to see whether you can correctly visit that page, also
> make sure whether you'll get any warning or error dialog during the
> visiting of that page. If there occurs any warning or error dialog, it
> indicate there is something not quite correctly against the server SSL
> certificate, and when we use webservice proxy to access the service, since
> there is not UI to let us interactively process such error condition, it'll
> end to an exception...
>
> Please have a check through the above items. If there is anything unclear
> or any other finding, please feel free to post here.
>
> Regards,
>
> Steven Cheng
> Microsoft Online Community Support
>
>
> ==================================================
>
> When responding to posts, please "Reply to Group" via your newsreader so
> that others may learn and benefit from your issue.
>
> ==================================================
>
>
> This posting is provided "AS IS" with no warranties, and confers no rights.
>
>
>
> Get Secure! www.microsoft.com/security
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>
>
>
>
>

 
Reply With Quote
 
Steven Cheng[MSFT]
Guest
Posts: n/a
 
      05-22-2006
Thanks for your respones Bart,

Then, you can have a look at the following article and implement an custom
CertificatePolicy class to handle any certificate error occured when
establishing https connection using webrequest:

#Consuming Webservices over HTTPS (SSL)
http://weblogs.asp.net/jan/archive/2.../04/41154.aspx

Hope this helps.

Regards,

Steven Cheng
Microsoft Online Community Support


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 
Reply With Quote
 
Steven Cheng[MSFT]
Guest
Posts: n/a
 
      05-24-2006
Hello Bart,

Anyway progress on this issue or does my further reply helps you?
Please feel free to post here if there's anything else we can help.

Regards,

Steven Cheng
Microsoft Online Community Support


==================================================

When responding to posts, please "Reply to Group" via your newsreader so
that others may learn and benefit from your issue.

==================================================


This posting is provided "AS IS" with no warranties, and confers no rights.



Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no
rights.)

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Using GMail with ASP.Net: error: The remote certificate is invalid according to the validation procedure. Carmine [www.thetotalsite.it] ASP .Net 4 03-05-2008 06:55 PM
proc A def/calls proc B: variable scoping rules. NevilleDNZ Python 9 08-16-2006 04:36 AM
Convert VB.NET to TSQL PROC & Reference a Proc from another Proc David Lozzi ASP .Net 3 06-01-2005 06:35 PM
Why no Proc##[]=() ? Why no Proc##replace() ? Jean-Hugues ROBERT Ruby 14 05-05-2004 01:20 PM
What is the diff btwn 'sho proc' and 'sho proc cpu' William J King Cisco 1 12-18-2003 11:50 PM



Advertisments