WCF/WF - How to Connect with SSL in Asp.Net WebApplication?

Asked By Eswaran Radhakrishnan on 23-Feb-08 08:56 AM


 I am Eswaran.R and I am a stranger to the Connection with SSL in Asp.Net.I hope you will answer to my problem as soon as possible. If it means i shall be happy.

I have a Webform that is going to send data to the secure site (like https://123abc.wep_as.asp that is working within intranet)

  1. when I clik the button that is gong to send the data to the secure site using the SSL Connection in WebForm.aspx.cs.

  2. I tried lot but i had error when I published that in Testing server. It gave me error called “The underlying connetion was closed. Could not establish a trusted with SSL/TLS with the secure channel”.

  3. I don't know why it happens.

  4. I have checked whethere proper certificate has installed in Testing server. It installed.

  1. I show my coding here.

class file name is “CertPolicy.cs”

public class CertPolicy : ICertificatePolicy  {    
   public enum eCertificateProblem    {
       CertNone                      = 0,
       CertEXPIRED                   = 1, //0x800B0101,
       CertVALIDITYPERIODNESTING     = 2, //0x800B0102,
       CertROLE                      = 3, //0x800B0103,
       CertPATHLENCONST              = 4 //0x800B0104,

    public CertPolicy() { }
   public bool CheckValidationResult(ServicePoint  srvPoint, X509Certificate certificate, WebRequest request, int certificateProblem)
            eCertificateProblem cp = (eCertificateProblem) certificateProblem;
            switch (cp)
                case (eCertificateProblem.CertUNTRUSTEDROOT):
                    return true;
                case eCertificateProblem.CertCN_NO_MATCH:
                    return true;
                case eCertificateProblem.CertNone:
                    return true;
            return false;

and my button click event is going to call this funcation

protected string sendDATA()
ServicePointManager.CertificatePolicy = new CertPolicy();
            ServicePointManager.MaxServicePoints = 4;
            ServicePointManager.MaxServicePointIdleTime = 1000;
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 | SecurityProtocolType.Tls;
            ServicePointManager.Expect100Continue       = false;     
                strXML                = "Hai"; //Sample data to send
                WebRequest req   = null;
                WebResponse rps = null;

                string strUrlToSecureSite = ConfigurationManager.AppSettings["urlToSecureSite"].ToString();
                req                                     = WebRequest.Create(strUrlToSecureSite); //like (https://123abc.12sd.asp)
                req.Method                        = "POST";
                req.ContentType                = "application/x-www-form-urlencoded";             

                this.TxRequest.Value = strXML; //TxRequest is a Hidden Field
                StreamWriter wr = new StreamWriter(req.GetRequestStream()); 
                rps = req.GetResponse();

                if (!req.Equals(null))
                if (!rps.Equals(null))
                    HttpWebRequest httpWebRequest = (HttpWebRequest)WebRequest.Create(strUrlToTravelers);                    
                    httpWebRequest.KeepAlive = false;
                    HttpWebResponse httpWebResponse = (HttpWebResponse)(httpWebRequest.GetResponse());

                Stream receiveStream = rps.GetResponseStream();
                Encoding encode = System.Text.Encoding.GetEncoding("utf-8");
                StreamReader readStream = new StreamReader(receiveStream, encode);
                TxRequest.Value = readStream.ReadToEnd();
            catch (WebException e)
            return TxRequest.Value.ToString();
If anyone help this that would be better for me.
R. Eswaran Radharkishnan

Steps to solve your problem - K Pravin Kumar Reddy replied to Eswaran Radhakrishnan on 23-Feb-08 10:12 AM

1.If that is the problem, you can either fix the trust problem by installing
the server's root CA cert in your client's trusted roots.

Using MMC or IE

Internet Options->Content->Certificates->Trusted root certification Authorities

2.make sure you use a 'proper' certificate, and make sure the domain name  in that certificate matches the domain name (comple System name-Server) you specify in the service endpoint

these will solve your problem.

Certificate all installed correct places. Do I need to change the code anything?

Eswaran Radhakrishnan replied to K Pravin Kumar Reddy on 23-Feb-08 10:35 AM

Thanks for your reply.

I verified that all the certificates are installed in right places. So I would like to know that whether code is correct?

If our code is right means we can ask the client to do something.


R. Eswaran

Use the Fiddler tool to see what's actually happening - Chris Falter replied to Eswaran Radhakrishnan on 07-Mar-08 01:28 PM

Eswaran -
I suggest that you use Microsoft's Fiddler tool on your web server (acting as client) to view all HTTP and HTTPS traffic between your server and the remote server.  You will be able to see what's really happening.  I reviewed the tool here.
- Chris