Certificates Validations Issues
Posted
by user298331
on Stack Overflow
Published on 2010-03-21T06:56:49Z
Indexed on
2010/03/21
7:01 UTC
wcf-security
Hi all,
I am facing some issues related to certificates. I need some help to resolve these issues.
Requirements:
security mode="TransportWithMessageCredential"
binding
binding name="basicHttpEndpointBinding"
certificateValidationMode="ChainTrust" revocationMode="Online"
Certificates:
Service certificates:
Transport level: XXXX.cer. My certificate name is my system DNS name and it has the root node, i.e. RootTrnCA.cer.
This is used to enable HTTPS, but I am not validating transport-level certificates.
Message level: services.ca.iim (VXXXX.Cer-->Act.Mac.Ca-->services.ca.iim)
Client certificates:
Transport level: ZZZZ.cer. My certificate name is my system DNS name and it has the root node, i.e. RootTrnCA.cer.
Ignoring transport certificate errors through code.....
Message level: client.ca.iim (VXXXX.Cer-->Act.Mac.Ca-->client.ca.iim)
Issues:
1) The response message does not contain the service certificate signature in the SOAP header, so I am not able to validate the server certificate details in client code.
2) If I use TransportWithMessageCredential and ChainTrust, I am getting the error: The revocation function was unable to check revocation because the revocation server was offline.
So please verify the service and client config below and correct me if I am wrong.
Service config :
Client config :
I am attaching the certificate through code:
objProxy.ChannelFactory.Credentials.ClientCertificate.SetCertificate(
    System.Security.Cryptography.X509Certificates.StoreLocation.LocalMachine,
    System.Security.Cryptography.X509Certificates.StoreName.My,
    X509FindType.FindBySubjectName, "client.ca.iim");
<system.serviceModel>
  <bindings>
    <basicHttpBinding>
      <binding name="XXXXXServiceHost.Http" closeTimeout="00:01:00"
               openTimeout="00:01:00" receiveTimeout="00:10:00" sendTimeout="00:01:00"
               allowCookies="false" bypassProxyOnLocal="false" hostNameComparisonMode="StrongWildcard"
               maxBufferSize="65536" maxBufferPoolSize="524288" maxReceivedMessageSize="65536"
               messageEncoding="Text" textEncoding="utf-8" transferMode="Buffered"
               useDefaultWebProxy="true">
        <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                      maxBytesPerRead="4096" maxNameTableCharCount="16384" />
        <security mode="TransportWithMessageCredential">
          <transport clientCredentialType="None" proxyCredentialType="None"
                     realm="" />
          <message clientCredentialType="Certificate" algorithmSuite="Default" />
        </security>
      </binding>
    </basicHttpBinding>
  </bindings>
  <client>
    <endpoint address="https://XXXXXX/XXXServiceHost/MemberSvc.svc/soap11"
              binding="basicHttpBinding" bindingConfiguration="XXXServiceHost.Http"
              contract="ServiceReference1.IMemberIBA" name="XXXServiceHost.Http" />
  </client>
</system.serviceModel>
Please verify both and help me resolve the above two issues.
Thanks
Babu
© Stack Overflow or respective owner