Could not create SSL/TLS secure channel, with httpWebRequest object. RRS feed

  • Question

  • I am having hard time in implementing WCF service in my code with the help of httpWebRequest object. 

    WCF service is provided by our client and it has certificate credential. As through service reference option we don't have option to attach client certificate, I have decided to go with httpWebRequest.

    Now I have written below code for the same, Please help me to succesfully call the given service.

    I am getting Error : "Could not create SSL/TLS secure channel" , even after adding the client certificate in the request object.

    string url = "";
    string action = "testCall";
    HttpWebRequest webRequest = (HttpWebRequest)WebRequest.Create(url);
    webRequest.ContentType = "text/xml;charset=\"utf-8\"";
    webRequest.Accept = "text/xml";
    webRequest.Method = "POST";
    System.Security.Cryptography.X509Certificates.X509Certificate cert1 = System.Security.Cryptography.X509Certificates.X509Certificate.CreateFromCertFile(Server.MapPath("~/www_testing_com.cer"));
    webRequest.Headers.Add("SOAPAction:" + action);
    XmlDocument soapEnvelop = new XmlDocument();
    byte[] byteArray = new ASCIIEncoding().GetBytes(soapEnvelop.InnerXml);
    BinaryWriter BWriter = new BinaryWriter(webRequest.GetRequestStream());
    BWriter.Write(byteArray, 0, byteArray.Length);
    IAsyncResult asyncResult = webRequest.BeginGetResponse(null, null);
    string soapResult;
    using (WebResponse webResponse = webRequest.EndGetResponse(asyncResult))
    	StreamReader srd = new StreamReader(webResponse.GetResponseStream());
    	soapResult = srd.ReadToEnd();

    • Edited by Nizam N Ansari Tuesday, August 4, 2015 9:24 AM removed personal info
    Tuesday, August 4, 2015 9:21 AM


  • Hi Nizam N Ansari,

    According this case, in my opinion is that certificate problem.

    In my experience, there have some common problems I have encountered.

    The certificate on the server is not signed by an authority that the PROXY or the CLIENT trusts.

    The certificate on the CLIENT is not signed by an authority that the PROXY or the SERVER trusts.

    We need to export the private key when I created the cert to be installed on the  client.

    I hope that will be helpful to you.

    Best Regards,

    Tracy Grady

    Thursday, August 6, 2015 3:12 AM