Loading ...
Sorry, an error occurred while loading the content.

Re: Secure connections and xmlrpc.net

Expand Messages
  • krishna_a_gandhi
    Okey dokey, well only a little embarrassed! I didn t have the private key for the Client Cert that our client gave us, therefor it wasn t properly loaded in
    Message 1 of 16 , May 18, 2004
    View Source
    • 0 Attachment
      Okey dokey, well only a little embarrassed! I didn't have the
      private key for the Client Cert that our client gave us, therefor it
      wasn't properly loaded in my Personal Cert store, therefor when the
      connection was being negotiated it crashed... I got the full key
      pair from them and voila!

      Anyways, works real nice hey!

      Krishna.

      --- In XMLRPCNET@yahoogroups.com, "krishna_a_gandhi"
      <krishgandhi@h...> wrote:
      > Well, I got it working when running against my test server (IIS5
      W2K
      > svr, I will attach a sample of the code at the bottom of this
      > message), but now I'm connecting to our client (Apache) I'm
      getting
      > the following error:
      >
      > An unhandled exception of type 'System.Net.WebException' occurred
      in
      > system.dll
      >
      > Additional information: The underlying connection was closed:
      Unable
      > to connect to the remote server.
      >
      >
      > This exception is thrown when the GetRequestStream() method is
      > called and I am using a client cert that was issued to us from
      their
      > internal CA (they are using OpenSSL).
      >
      > Will try posting to microsoft.public.dotnet.framework.aspnet too.
      >
      > Any help'd be much appreciated!
      >
      > Regards,kg.
      >
      > Code snippet to use client certs:
      > namespace QueueListenerSvc
      > {
      > using System;
      > using System.Configuration;
      > using System.Security.Cryptography.X509Certificates;
      > using CookComputing.XmlRpc;
      >
      > class ClientMethods: XmlRpcClientProtocol
      > {
      > public ClientMethods()
      > {
      > this.Url
      > = "https://secure_server/directory/methodserver.rem";
      >
      > this.ClientCertificates.Add
      > (X509Certificate.CreateFromCertFile("C:\\certificate.cer"));
      > }
      >
      > [XmlRpcMethod("Client.ReceiptConfirm")]
      > public string ClientReceiptConfirm(string szParam)
      > {
      > return (string)Invoke
      > ("ClientReceiptConfirm", new object[] {szParam});
      > }
      >
      > ... rest of proxy class as per ususal ...
      >
      > --- In XMLRPCNET@yahoogroups.com, "charlescookuk"
      <charlescook@u...>
      > wrote:
      > > Hi KG - any tips on how you did this might be useful for anyone
      > else
      > > here trying to do the same.
      > >
      > > Its good to hear you're finding the library of some use.
      > >
      > > - Charles
      > >
      > > --- In XMLRPCNET@yahoogroups.com, "krishna_a_gandhi"
      > > <krishgandhi@h...> wrote:
      > > > FYI, I have got the client certs working OK. A setting on my
      > IIS
      > > > server did the trick.
      > > >
      > > > Awsome product BTW, with full credit to you Charles my boss is
      > > still
      > > > impressed with me!
      > > >
      > > > Cheers!kg.
      > > >
      > > > --- In XMLRPCNET@yahoogroups.com, "krishna_a_gandhi"
      > > > <krishgandhi@h...> wrote:
      > > > > Ok, I figured out building the proxy class so I can access
      the
      > > > > XmlRpcClientProtocol properties, namely the
      ClientCertificates
      > > > > property. I can load my client cert ok and inspect it's
      > values.
      > > > > Now at the method server end (which is vanilla asp) the
      > > > > Request.ClientCertificate property contains nothing - is
      there
      > > > > another property/setting I need before the client cert is
      sent
      > > > along
      > > > > with the request? I will be digging around myself, but any
      > help
      > > > is
      > > > > appreciated.
      > > > >
      > > > > TIA,
      > > > > Krishna.
      > > > >
      > > > > --- In XMLRPCNET@yahoogroups.com, "krishna_a_gandhi"
      > > > > <krishgandhi@h...> wrote:
      > > > > > G'day Matt & Co,
      > > > > >
      > > > > > Similarly to your self, I am having to use an SSL
      connection
      > > > along
      > > > > > with a client certificate from within a windows service.
      > Being
      > > > a
      > > > > > newbie to XML-RPC I don't quite understand your fix
      below.
      > I
      > > > have
      > > > > > setup the method proxy interface as described in the XML-
      > > RPC.NET
      > > > > > doco but cannot find any reference in it to the
      > > > ClientCertificates
      > > > > > property. Do I need to modify the source for XML-RPC.NET
      to
      > > > > include
      > > > > > it? I am using the static method XmlRpcProxyGen.Create()
      to
      > > > > > instanciate the proxy method interface. Should I be doing
      > this
      > > > > > differently?
      > > > > >
      > > > > > Should I manually build the method request using the
      > underlying
      > > > > > objects so I can access the XmlRpcClientProtocol class
      > > > directly?
      > > > > If
      > > > > > so, are there any examples of how this is done?
      > > > > >
      > > > > > Plus, whilst trying to recompile the XML-RPC.NET library,
      I
      > get
      > > > > the
      > > > > > following error: "The designer must create an instance of
      > > > > > type 'System.Web.Services.Protocols.WebClientProtocol' but
      > it
      > > > > cannot
      > > > > > because the type is declared as abstract". Any ideas? I
      am
      > > > using
      > > > > > the latest version of XML-RPC.NET (0.8.1)
      > > > > >
      > > > > > Cheers mate,
      > > > > > Krishna.
      > > > > >
      > > > > >
      > > > > > --- In XMLRPCNET@yahoogroups.com, "mattjgilbert"
      > > > > <mattjgilbert@y...>
      > > > > > wrote:
      > > > > > > Charles,
      > > > > > >
      > > > > > > Thanks for all your help - the ClientCertificates thing
      > > worked!
      > > > > > >
      > > > > > > Matt :o)
      > > > > > >
      > > > > > > ---------------------------------------------------------
      --
      > ---
      > > -
      > > > --
      > > > > > > A brief run-down of what to do if anyone else has to do
      > > this...
      > > > > > >
      > > > > > > 1. Install the CA file (.cer extension) in the Trusted
      > Root
      > > > > > > Certification Authorites store (note I got a .pem file
      > from
      > > > the
      > > > > > > third party I had to connect to - I simply changed the
      > file
      > > > > > > extension to .cer and Windows recognised it)
      > > > > > > 2. Install the client certificate (e.g. a .p12 file)
      into
      > the
      > > > > > > Personal store (it should ask you for a password) -
      don't
      > > make
      > > > > the
      > > > > > > key exportable)
      > > > > > > 3. Export the client certificate to a .cer file (will be
      > DER
      > > > > > encoded)
      > > > > > > 4. When you need to add the certificate to the request
      in
      > > code
      > > > > use
      > > > > > > something similar to:
      > > > > > >
      > > > > > > MyProxy.ClientCertificates.Add
      > > > (X509Certificate.CreateFromCertFile
      > > > > > > (m_certPath))
      > > > > > >
      > > > > > > Where m_certPath is the file path of your exported DER
      > > encoded
      > > > > > > certificate
      > > > > > > The X509Certificate class can be found in the
      > > > > > > System.Security.Cryptography namespace
    Your message has been successfully submitted and would be delivered to recipients shortly.