none
Service client with Certificate identity RRS feed

  • Question

  • Hi,

    I'm developing a service for intranet non-domain machines.

    I use Tcp binding with message security and credential type as username. I have created certificate using makecert for currentuser.

    If I create proxy using config, generated by add service reference, then my client can connect to the service.

    But I want to be able to connect to service by code. Following is my code of certificate identity which doesn't work:

          X509Certificate2 certFromExportedFile = new X509Certificate2(new X509Certificate(<FilenameOfExportedCertificateFromServer>));
          EndpointIdentity identity = new X509CertificateEndpointIdentity(certFromExportedFile);
          EndpointAddress tcpEndpointAddress = new EndpointAddress(new Uri(endpointAddress), identity, new AddressHeader[]{});
    
          NetTcpBinding tcpBinding = new NetTcpBinding();
          tcpBinding.Security.Mode = SecurityMode.Message;
          tcpBinding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
    
          p_Proxy = new ServiceClient(tcpBinding, tcpEndpointAddress);
          
          p_Proxy.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;
          p_Proxy.ClientCredentials.UserName.UserName = "";
          p_Proxy.ClientCredentials.UserName.Password = "";
    
          p_Proxy.Open();

    Please inform how to create proxy using certificateidentity through code.

    Thanks.



    • Edited by Dhruvesh Friday, January 24, 2014 8:08 PM
    Friday, January 24, 2014 8:04 PM

Answers

  • Hi,
    I create a simple code, it can work well, please try to check it:

    var ServiceendPoint = new EndpointAddress(new Uri(ServiceAddress), 
                              EndpointIdentity.CreateDnsIdentity("MyWebSite"));
        var binding = new WSHttpBinding();
        binding.Security.Mode = SecurityMode.Message;
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        var result = new Service1Client(netTcpBinding, ServiceendPoint);
        result.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = 
                                 X509CertificateValidationMode.None;            
        result.ClientCredentials.UserName.UserName = "***";            
        result.ClientCredentials.UserName.Password = "***";
    Best Regards,
    Amy Peng

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, January 27, 2014 2:02 PM
    Moderator

All replies

  • Hi,
    I create a simple code, it can work well, please try to check it:

    var ServiceendPoint = new EndpointAddress(new Uri(ServiceAddress), 
                              EndpointIdentity.CreateDnsIdentity("MyWebSite"));
        var binding = new WSHttpBinding();
        binding.Security.Mode = SecurityMode.Message;
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        var result = new Service1Client(netTcpBinding, ServiceendPoint);
        result.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = 
                                 X509CertificateValidationMode.None;            
        result.ClientCredentials.UserName.UserName = "***";            
        result.ClientCredentials.UserName.Password = "***";
    Best Regards,
    Amy Peng

    We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
    Click HERE to participate the survey.

    Monday, January 27, 2014 2:02 PM
    Moderator
  • Hi,

    Thanks for reply and code.

    My service and clients are connected in workgroup, can i still use DNS identity? 

    Please let me know.

    Thanks.

    Monday, January 27, 2014 9:25 PM
  • Friday, February 7, 2014 1:42 AM