 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / .NET Framework / Security / July 2005HttpWebRequest.GetRequestStream - Trust Failure In Windows Service
The code with this call works fine when hosted in a Console application, but throws error Trust Failure - The underlying connection was closed: could not establish trust relationship with remote server when run in a windows service. I have spent almost the whole day reading about security, attributes, etc. but I just can't get this to work. A few questions: 1. Do both the console and service calls attempt to connect to the exact same URL (incl. use of https protocol)? 2. Are both the console and service run from the same machine? 3. Are both the console and service run under the same Windows user account? (If the answer to any of the above is "no", please provide details on the differences.) 4. Does the target server require that a client certificate be provided? > The code with this call works fine when hosted in a Console application, > but [quoted text clipped - 5 lines] > I have spent almost the whole day reading about security, attributes, etc. > but I just can't get this to work. 1. Yes, both apps execute the exact same code. 2. Yes. 3. The console program, I assume, uses my logged on user account, the windows service uses the LocalSystem account. I will experiment with having it use my user account. 4. Yes, a simple certificate that I installed in IE. I don't do anything in my code to reference this certificate so I don't know why it works for the console app and not the Window Service. > A few questions: > [quoted text clipped - 18 lines] > > I have spent almost the whole day reading about security, attributes, etc. > > but I just can't get this to work. I changed the service user to my logon user and it works. Thanks so much for getting me pointed in the right direction. If you can give me some pointers of what permission is involved that my user logon has that LocalSystem doesn't and how I can change LocalSystem, that would be great. Again, thanks > A few questions: > [quoted text clipped - 18 lines] > > I have spent almost the whole day reading about security, attributes, etc. > > but I just can't get this to work. It probably has nothing to do with permissions. When you installed the client certificate via IE, you were placing it in a user-specific store. The LocalSystem account doesn't have a corresponding certificate, so its requests fail. See http://msdn.microsoft.com/library/en-us/dnnetsec/html/secnetht13.asp for more information and instructions on how to use the machine store rather than a user-level store. (N.B.: You can also use the MMC certificates snap-in to manage the certificate store.) >I changed the service user to my logon user and it works. > [quoted text clipped - 32 lines] >> > etc. >> > but I just can't get this to work. Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2009 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.