 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / .NET Framework / Security / January 2008Trusted connection problem
I have an application that performs an http post to the remote server using SSL. When I run the app on my local machine, I get this error: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. When my co-worker runs the same app on his machine, everything works fine. He tried running the app on my machine under his network login with no success. He doesn't recall configuring his pc to be able to talk to the server. I'm wondering if this error might have anything to do with .NET security?? If it does, how can I compare my settings against my co-worker's? I would appreciate any help. Thank you in advance! This is usually a problem with PKI and is not an error specific to .NET security. It sounds like your workstation does not trust the issuer of the remote server's certificate. Normally when this happens, an error will be logged by schannel in the system event log on the client machine with the details. Providing this info would help. If that is the problem, you can either fix the trust problem by installing the server's root CA cert in your client's trusted roots (better) or code around the problem to ignore this type of problem with the appropriate validation callback. Joe K.  SignatureJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- >I have an application that performs an http post to the remote server using > SSL. When I run the app on my local machine, I get this error: [quoted text clipped - 11 lines] > If it does, how can I compare my settings against my co-worker's? > I would appreciate any help. Thank you in advance! Joe, Thank you for your prompt response. Nothing is being logged in the system event log after I get this error... > This is usually a problem with PKI and is not an error specific to .NET > security. It sounds like your workstation does not trust the issuer of the [quoted text clipped - 24 lines] > > If it does, how can I compare my settings against my co-worker's? > > I would appreciate any help. Thank you in advance! How can I verify that my co-worker has the server's root CA certificate installed on his machine? > This is usually a problem with PKI and is not an error specific to .NET > security. It sounds like your workstation does not trust the issuer of the [quoted text clipped - 24 lines] > > If it does, how can I compare my settings against my co-worker's? > > I would appreciate any help. Thank you in advance! I found this link: http://www.isaserver.org/img/upl/exchangekit/importrootca/importrootca.htm > How can I verify that my co-worker has the server's root CA certificate > installed on his machine? [quoted text clipped - 27 lines] > > > If it does, how can I compare my settings against my co-worker's? > > > I would appreciate any help. Thank you in advance! I guess I could compare my list on the Trusted Root Certification Authorities tab in Internet Options against the list on my co-worker's machine... > How can I verify that my co-worker has the server's root CA certificate > installed on his machine? [quoted text clipped - 27 lines] > > > If it does, how can I compare my settings against my co-worker's? > > > I would appreciate any help. Thank you in advance! Yes, that's one way to do it. IE is usually pretty good at telling you whether a given site's certificate will be trusted by a given client machine as well and will show you the cert chain. Joe K. SignatureJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- >I guess I could compare my list on the Trusted Root Certification >Authorities [quoted text clipped - 41 lines] >> > > If it does, how can I compare my settings against my co-worker's? >> > > I would appreciate any help. Thank you in advance! I installed the server's root CA cert on my machine and I'm not getting that connection error anymore. Thanks a lot for your prompt help and follow up! > Yes, that's one way to do it. IE is usually pretty good at telling you > whether a given site's certificate will be trusted by a given client machine [quoted text clipped - 47 lines] > >> > > If it does, how can I compare my settings against my co-worker's? > >> > > I would appreciate any help. Thank you in advance! Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.