SSL certificate validation fails in windows service
From: Oddmar Sandvik (OddmarSandvik_at_discussions.microsoft.com)
Date: 06/17/04
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: User Authentication, Active Directory and more (help)"
- Previous message: Maras: "How to secure one web app with another web app..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 17 Jun 2004 04:55:01 -0700
Using .NET framework v1.1.4322.
My application connects up to a server using HttpWebRequest over SSL. The server certificate is selfsigned, and the CA certificate is installed on the client in Trusted Root Certification Authorities on the Local Computer account.
When I run the client application standalone, SSL communications work fine. However, when I install it as a service, the certificate cannot be validated. I override the ICertificatePolicy interface and receive an error code (0) that does not match any of the ones I have found in various examples.
I have tried with the service running both as LocalSystem (preferred) or as the same local user that I used when testing the application as a non-service. The result is the same - failure in both cases. I must resort to ignoring certificate validation. That is not an acceptable solution since there is no server authentication.
It appears that I cannot access the certificate store through .NET APIs without using P/Invoke against CryptoAPI, something I would prefer to stay away from. Thus I cannot see the CA certificates from my application.
Can anyone shed a light on why the .NET framework behaves differently when running as a service?
- Next message: Joe Kaplan \(MVP - ADSI\): "Re: User Authentication, Active Directory and more (help)"
- Previous message: Maras: "How to secure one web app with another web app..."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
