 |
 | Home | Contact Us | FAQ | Search & Site Map | Link to Us |
 | Sign In | Join | Other 45 Sites in Network |
.NET Forum / ASP.NET / Web Services / November 2005WSE 3.0 X509 Error 'm_safeCertContext is an invalid handle.'
Hi, I am just trying to set up a very simple filter to add x509 signature elements to a soap envelope, but I am getting the following error, and was wondering if someone might be able to point me in the right direction as to what I'm doing wrong. Thanks in advance, Russ ERROR: 'm_safeCertContext is an invalid handle' SAMPLE CODE: public override void SecureMessage(Microsoft.Web.Services3.SoapEnvelope envelope, Security security) { X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); X509Certificate2Collection collection = store.Certificates; X509Certificate2Collection collectionWSE = collection.Find(X509FindType.FindBySubjectDistinguishedName, "CN=WSE2QuickStartClient", false); foreach (X509Certificate2 x509 in collectionWSE) { X509SecurityToken token = new X509SecurityToken(x509); security.Tokens.Add(token); //MessageSignature signature = new MessageSignature(token); //security.Elements.Add(signature); security.Timestamp.TtlInSeconds = 10; x509.Reset(); } } STACK TRACE: " at System.Security.Cryptography.X509Certificates.X509Certificate.get_RawData()\r\n at System.Security.Cryptography.X509Certificates.X509Certificate.GetRawCertData()\r\n at Microsoft.Web.Services3.Security.Tokens.X509SecurityToken.get_RawData()\r\n at Microsoft.Web.Services3.Security.Tokens.BinarySecurityToken.GetXml(XmlDocument document, String valueType)\r\n at Microsoft.Web.Services3.Security.Tokens.BinarySecurityToken.GetXml(XmlDocument document)\r\n at Microsoft.Web.Services3.Security.Security.SerializeXml(SoapEnvelope document)\r\n at Microsoft.Web.Services3.Security.Security.Execute(SoapEnvelope envelope)\r\n at Microsoft.Web.Services3.Security.SendSecurityFilter.ProcessMessage(SoapEnvelope envelope)\r\n at Microsoft.Web.Services3.Pipeline.ProcessOutputMessage(SoapEnvelope envelope)\r\n at Microsoft.Web.Services3.Messaging.SoapSender.FilterMessage(SoapEnvelope envelope)\r\n at Microsoft.Web.Services3.Messaging.SoapSender.Send(SoapEnvelope envelope)\r\n at Player.ServiceManager.HttpService_RequestReceived(Object senderObject, HttpListeningEventArgs hea) in C:\\Projects\\Player\\Player\\Player\\ServiceManager.cs:line 126\r\n at Player.HttpService.OnRequestReceived(HttpListeningEventArgs hea) in C:\\Projects\\Player\\Player\\Player\\HttpService.cs:line 161\r\n at Player.HttpService.BeginListening() in C:\\Projects\\Player\\Player\\Player\\HttpService.cs:line 104" Hi Russ, Welcome to Webservice newsgroup. Regarding on the problem in custom WSE3.0 security policy assertion you mentioned, I think the it is likely cause by the following line of code: x509.Reset(); I saw you call it after the x509 token being added. Why did you call it? Based on my research, the X509Certificate2 class's Reset method will clear all the certificate related properties and set the m_safeCertContext internal field to InvalidHandle like: this.m_safeCertContext = SafeCertContextHandle.InvalidHandle; So I think you should comment that line of code so as to make sure the certifciate reference is still valid among the WSE policy assertion's processing lifecycle. Thanks, Steven Cheng Microsoft Online Support  SignatureGet Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) -------------------- From: "Russ" <ausername12345@online.nospam> Subject: WSE 3.0 X509 Error 'm_safeCertContext is an invalid handle.' Date: Mon, 31 Oct 2005 11:25:51 +1100 Lines: 75 X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-RFC2646: Format=Flowed; Original Message-ID: <OsRltGb3FHA.2196@tk2msftngp13.phx.gbl> Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements NNTP-Posting-Host: adsl-83-165.swiftdsl.com.au 218.214.83.165 Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.dotnet.framework.webservices.enhancements:5208 X-Tomcat-NG: microsoft.public.dotnet.framework.webservices.enhancements Hi, I am just trying to set up a very simple filter to add x509 signature elements to a soap envelope, but I am getting the following error, and was wondering if someone might be able to point me in the right direction as to what I'm doing wrong. Thanks in advance, Russ ERROR: 'm_safeCertContext is an invalid handle' SAMPLE CODE: public override void SecureMessage(Microsoft.Web.Services3.SoapEnvelope envelope, Security security) { X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly); X509Certificate2Collection collection = store.Certificates; X509Certificate2Collection collectionWSE = collection.Find(X509FindType.FindBySubjectDistinguishedName, "CN=WSE2QuickStartClient", false); foreach (X509Certificate2 x509 in collectionWSE) { X509SecurityToken token = new X509SecurityToken(x509); security.Tokens.Add(token); //MessageSignature signature = new MessageSignature(token); //security.Elements.Add(signature); security.Timestamp.TtlInSeconds = 10; x509.Reset(); } } STACK TRACE: " at System.Security.Cryptography.X509Certificates.X509Certificate.get_RawData()\ r\n at System.Security.Cryptography.X509Certificates.X509Certificate.GetRawCertData ()\r\n at Microsoft.Web.Services3.Security.Tokens.X509SecurityToken.get_RawData()\r\n at Microsoft.Web.Services3.Security.Tokens.BinarySecurityToken.GetXml(XmlDocume nt document, String valueType)\r\n at Microsoft.Web.Services3.Security.Tokens.BinarySecurityToken.GetXml(XmlDocume nt document)\r\n at Microsoft.Web.Services3.Security.Security.SerializeXml(SoapEnvelope document)\r\n at Microsoft.Web.Services3.Security.Security.Execute(SoapEnvelope envelope)\r\n at Microsoft.Web.Services3.Security.SendSecurityFilter.ProcessMessage(SoapEnvel ope envelope)\r\n at Microsoft.Web.Services3.Pipeline.ProcessOutputMessage(SoapEnvelope envelope)\r\n at Microsoft.Web.Services3.Messaging.SoapSender.FilterMessage(SoapEnvelope envelope)\r\n at Microsoft.Web.Services3.Messaging.SoapSender.Send(SoapEnvelope envelope)\r\n at Player.ServiceManager.HttpService_RequestReceived(Object senderObject, HttpListeningEventArgs hea) in C:\\Projects\\Player\\Player\\Player\\ServiceManager.cs:line 126\r\n at Player.HttpService.OnRequestReceived(HttpListeningEventArgs hea) in C:\\Projects\\Player\\Player\\Player\\HttpService.cs:line 161\r\n at Player.HttpService.BeginListening() in C:\\Projects\\Player\\Player\\Player\\HttpService.cs:line 104" Awesome. Thanks for that Steven. I guess I'd been staring at it too long. I'd had that reset in there from code I'd had for looping through the certificates in the certifcate store. Oops. Thanks again, Russ > Hi Russ, > [quoted text clipped - 123 lines] > Player.HttpService.BeginListening() in > C:\\Projects\\Player\\Player\\Player\\HttpService.cs:line 104" You're welcome Russ, Good luck! Steven Cheng Microsoft Online Support SignatureGet Secure! www.microsoft.com/security (This posting is provided "AS IS", with no warranties, and confers no rights.) -------------------- From: "Russ" <ausername12345@online.nospam> References: <OsRltGb3FHA.2196@tk2msftngp13.phx.gbl> <Cs0SGxh3FHA.3220@TK2MSFTNGXA01.phx.gbl> Subject: Re: WSE 3.0 X509 Error 'm_safeCertContext is an invalid handle.' Date: Tue, 1 Nov 2005 12:21:48 +1100 Lines: 147 X-Priority: 3 X-MSMail-Priority: Normal X-Newsreader: Microsoft Outlook Express 6.00.2900.2180 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180 X-RFC2646: Format=Flowed; Original Message-ID: <u4ZfvKo3FHA.2676@TK2MSFTNGP15.phx.gbl> Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements NNTP-Posting-Host: adsl-83-165.swiftdsl.com.au 218.214.83.165 Path: TK2MSFTNGXA01.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP15.phx.gbl Xref: TK2MSFTNGXA01.phx.gbl microsoft.public.dotnet.framework.webservices.enhancements:5219 X-Tomcat-NG: microsoft.public.dotnet.framework.webservices.enhancements Awesome. Thanks for that Steven. I guess I'd been staring at it too long. I'd had that reset in there from code I'd had for looping through the certificates in the certifcate store. Oops. Thanks again, Russ > Hi Russ, > [quoted text clipped - 88 lines] > STACK TRACE: > " at System.Security.Cryptography.X509Certificates.X509Certificate.get_RawData()\ > r\n > at System.Security.Cryptography.X509Certificates.X509Certificate.GetRawCertData > ()\r\n > at Microsoft.Web.Services3.Security.Tokens.X509SecurityToken.get_RawData()\r\n > at Microsoft.Web.Services3.Security.Tokens.BinarySecurityToken.GetXml(XmlDocume > nt > document, String valueType)\r\n at Microsoft.Web.Services3.Security.Tokens.BinarySecurityToken.GetXml(XmlDocume > nt > document)\r\n at [quoted text clipped - 3 lines] > envelope)\r\n > at Microsoft.Web.Services3.Security.SendSecurityFilter.ProcessMessage(SoapEnvel > ope > envelope)\r\n at [quoted text clipped - 11 lines] > Player.HttpService.BeginListening() in > C:\\Projects\\Player\\Player\\Player\\HttpService.cs:line 104" Free MagazinesGet these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...
|
Reply to this Message
|
 Sign In
 Join
 My Latest Posts My Monitored Threads My Blog My Photo Gallery My Profile My Homepage Start New Thread Enable EMail Alerts Rate this Thread
|
©2008 Advenet LLC Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.