Home | Contact Us | FAQ | Search & Site Map | Link to Us
Sign In | Join | Other 45 Sites in Network
HomeAnnouncementsFree MagazinesWhite PapersSubmit Content
Discussion GroupsASP.NETWindows FormsLanguages.NET FrameworkVisual Studio.NET
Articles.NET FrameworkASP.NETToolsWindows Forms
.NET DirectoryOpen Source ProjectsUser GroupsWeb Resources
Related Topics
Visual Basic 6SQL ServerMS AccessOther DB ProductsMS Server ProductsMore Topics ...
.NET Forum / ASP.NET / Web Services / February 2008

Tip: Looking for answers? Try searching our database.

Consuming a WSE3(X509) service in a Web Application

Thread view: 
Enable EMail Alerts  Start New Thread
Thread rating: 
Aaron G - 06 Nov 2006 23:36 GMT
Hi everyone,

I'm completely stumped on this.  I've got an ASP.NET Web Service Application
using a mutual X.509 Authentication policy and I can access it without any
problem from a .NET Winforms app, a regular Web (folders) ASP.NET project,
and an ASP.NET Web Application Project using the VS Development Server.  
However, if I switch the WA project over to IIS, I get the message "Object
contains only the public half of a key pair. A private key must also be
provided."

Normally I'd assume that it's a permissions issue, since IIS is running
under the Network Service account.  And indeed, if I set the application up
to impersonate a privileged user, it works.  But I've explicitly given
permissions to private key of that certificate to the Network User (and to
the Everyone group, just to be sure), so that can't be the only problem.  And
in any event, I know that the permissions are set up correctly because the
Web Service I'm trying to consume is encrypting with the exact same
certificate in the same store!

It seems like WSE is failing to even look for the private key when
configured as a service "consumer" within IIS, even though it works fine as a
service provider.  I can't fathom why this would be.

Any suggestions?

Thanks in advance,
Aaron
Reply to this Message
Pablo Cibraro [MVP] - 07 Nov 2006 15:37 GMT
Hi Aaron,

Are you storing the certificate with both keys in the computer store
certificate ?. Perhaps, you have that certificate installed only on the user
store, so the winform application works fine. (But the ASP.NET process
always tries to get the certificate from the computer store).

Regards,
Pablo Cibraro.

> Hi everyone,
>
[quoted text clipped - 27 lines]
> Thanks in advance,
> Aaron
Reply to this Message
waleed mohamed - 04 Feb 2008 09:19 GMT
> Hi everyone,
>
[quoted text clipped - 23 lines]
> Thanks in advance,
> Aaron

I face the same problem with wse 3.0
iam sure the the aspnet account has full control on the cert file
and the cert is installed on both the local user personal store
and the local computer personal and local and trusted people stores
by the way i use test certificates generated by the command
makecert -sk anyname-r -n "CN=any nameTraders, OU=Certification, O=anynameTraders, E=info@anynameraders.com" -ss local d:ServerCert.cer -sky exchange
any help will be appreciated
thnx in advance

BizTalk Utilities - Frustration free BizTalk Adapters
http://www.topxml.com/biztalkutilities
Reply to this Message

Free Magazines

Get these publications absolutely FREE for up to 12 months. There are no hidden fees and no obligation. Simply choose a title, complete the application form and submit it. Read more ...

Oracle MagazineNetwork ComputingComputer WorldBio-IT WorldeWeekInformation WeekInfosecurity
 
Sign In
Join
My Latest Posts
My Monitored Threads
My Blog
My Photo Gallery
My Profile
My Homepage
Start New Thread
Enable EMail Alerts
Rate this Thread



©2008 Advenet LLC   Privacy Policy - Terms of Use
This website includes both content owned or controlled by Advenet as well as content owned or controlled by third parties.