Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

.Net Core Connected Service with SSL Certificate

Tags:

c#

soap

certificate

ssl

asp.net-core

I am trying to make a request to a web service endpoint that utilizes an SSL certificate for communication. I have spent hours googling for an example but have come up with very little so far.

I did manage to get the connected service to scaffold by directly navigating to the wsdl and xsd file, saving them manually and pointing the WCF Web Service Reference Provider to the containing directory based on this solution. I also tried installing the certificate with the winhttpcertcfg.exe but could not get the tool to successfully open the channel to generate the client directly from the WSDL.

Now that I have the client generated, I am unable to figure out how to add the certificate correctly. This is the code that I have currently

 // Get the certificate
                var testCert = new X509Certificate2(System.IO.File.ReadAllBytes("C://SecureCert.PFX"), "##########");

                //Create instance of SOAP client
                HostedCollectionPaymentService.OnlineService_v2_2Client soapClient = new OnlineService_v2_2Client(new BasicHttpsBinding(BasicHttpsSecurityMode.Transport), new EndpointAddress("https://secure.service.endpoint.com/2.2/"));

                // Add the certificate to the client
                soapClient.ClientCredentials.ClientCertificate.Certificate = testCert;

                using (new OperationContextScope(soapClient.InnerChannel))
                {
                    try
                    {
                        var result = await soapClient.startOnlineCollectionAsync(new StartOnlineCollectionRequest
                        {
                            app_id = "12344",
                            tracking_id = "fdsa43531",
                            transaction_amount = 5.00m,
                            transaction_type = TransactionType.Sale
                        });

                        Console.WriteLine(result.startOnlineCollectionResponse.token);
                    }
                    catch (Exception ex)
                    {
                        var f = ex;
                        throw;
                    }
                }

When i try to connect, i recieve the response "Message = "Could not establish trust relationship for the SSL/TLS secure channel with authority 'secure.service.endpoint.com'".

I have verified that the certificate is valid and I am able to connect to the service using the SoapUI toolset.

I am assuming that I am either missing a configuration or attaching the SSL certificate incorrectly. If someone could provide a suggestion or point me to the appropriate documentation I would be highly appreciative.

like image 486
jamesamuir Avatar asked Aug 02 '19 17:08

jamesamuir

People also ask

How to specify SSL certificate file in ASP NET Core?

ConfigurationOptions let you specify SSL property using property “Ssl”. Please set this as true. PATH_TO_CERT_FILE is the location of the X509Certificate2 certificate file on the server. If using ASP.NET Core application below is a sample that can be used to specify the certificate file.

What is ASP NET CERT certificate authentication?

Certificate Authentication is a great way to secure your ASP.NET Core APIs. I have provided the full source that can be downloaded at the end of this tutorial. Certificate Authentication requires 2 types of Certificates, these are: What is SSL Certificate and How SSL Works? (What is HTTPS) SSL/TLS

Does DotNet core SDK include a HTTPS certificate?

The.NET Core SDK includes an HTTPS development certificate. The certificate is installed as part of the first-run experience. For example, dotnet --info produces a variation of the following output:

How to enable self-signed SSL validation in DotNet core?

Follow these steps to enable self-signed SSL validation in ASP.NET Core: Run the following .NET command: dotnet dev-certs https –trust Now when you test your website and use “https” at the beginning of the URL, the web browser will recognize the self-signed certificate and display the padlock symbol to indicate a valid SSL certificate is in place.

1 Answers

Figured it out. I need this extra configuration line.

binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;

Here is a sample for those asking where it was included. In my case it was for a payment gateway service.

// Get the cert
var myCertificate = await GetMyCertificate(); //X509Cert

// Create a new binding to specify certificate security
var binding = new BasicHttpsBinding()
{
    Name = "basic_ssl_cert"
};

// Specify the credential type
binding.Security.Transport.ClientCredentialType = HttpClientCredentialType.Certificate;


//Create instance of SOAP client
QaPaymentService.PaymentOnlineService_v2_Client soapClient = new QaPaymentService.PaymentOnlineService_v2_Client(binding, new EndpointAddress(onlinePaymentServiceEndpoint));

// Add the certificate to the client
soapClient.ClientCredentials.ClientCertificate.Certificate = myCertificate;


using (new OperationContextScope(soapClient.InnerChannel))
{
    try
    {
        var result = soapClient.completeOnlineCollectionAsync(new QaPaymentService.CompleteOnlineCollectionRequest
        {
            app_id = appId,
            token = token           
        }).GetAwaiter().GetResult();

        return (result.completeOnlineCollectionResponse.tracking_id);
    }
    catch (FaultException<QaPaymentService.PaymentServiceFault> ex)
    {
        // Extract the actuall error from the service fault
        throw new myServiceException(ex.Detail.return_detail, ex)
        {
            ErrorDetail = ex.Detail.return_detail,
            ErrorCode = ex.Detail.return_code
        };                       
    }
    catch (Exception ex)
    {
        logger.LogError($"Error completing transaction from QA my service: {ex.Message}", ex);
        throw ex;
    }
}
like image 128
jamesamuir Avatar answered Sep 23 '22 06:09

jamesamuir
Sign in to Comment

Related questions

What are sensible use-cases for Debugger.IsAttached Property
How to change my App's icon in Xamarin.Forms using Visual Studio?
Wrap IL into an assembly written on disk in C# / .NET Core?
Strange question mark, when setting StreamReader to beginning
How to create an Expression builder in .NET
Reading a string from one char to another
How to release tracked entities?
How do I convert a Generic IList<T> to IList?
Mocking HttpClient GetAsync by using Moq library in Xunit test
Xamarin Forms : can Prism and ReactiveUI be used in the same project ? If so, is it a good idea?
AspNet Core - input/output JSON serialization settings at Controller Level
how to Moq Fluent interface / chain methods
Why is the currency modifier "C" returning '?' instead of '$' in C#?
Prevent Lazy<T> caching exceptions when invoking Async delegate
What is the ASP.NET Core equivalent of ViewData.TemplateInfo.GetFullHtmlFieldId("PropertyName")?
Why should I use User secrets only in the Development environment?
HTTP Request works in Postman, but not in C# code
How am I misusing the null-coalescing operator? Is this evaluating "null" correctly?
Custom model binder for a webapi method with more than one parameter
Cannot implicitly convert type 'Microsoft.EntityFrameworkCore.ChangeTracking.EntityEntry<T>' to 'T'

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!