Connect to https:// webservice in asp.net app
I have an ASP.NET website that is contacting a webservice. Everything works fine connecting via http but when I try https:// it can't connect开发者_运维技巧. I don't seem to get any error from the website and the webservice logs show nothing, meaning nothing has connected to it.
I can connect to my https:// webservice from a site like soapclient.com and request information, so the webservice and ports are working.
Is there anything special I should be doing in order to connect to a https:// webservice over a normal http:// one in .NET? All I am doing at the moment is changing the URL it is connecting to to my secure one instead.
I am using ASP.NET 2, IIS7
Thanks in advance.
EDIT: Just found the actual error message: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel - Which in my eyes tells me I haven't added my self signed certificate to the installed certs on the server ... but I have ...
You need to add your self-signed certificate under Trusted Root Certificate Authorities in the Local Computer store of the server running the ASP.NET website.
Export the certificate from the webservice server as a .cer file, and copy it to the server running the ASP.NET website. Then, on that server:
- Double-click the .cer file and Install Certificate
- In the wizard, choose the store as the Local Computer folder under Trusted Root Certificate Authorities.
- You might have to restart IIS, or the server
There are some good instructions towards the bottom of this page, under "Installing the self-signed certificate on client computers": http://webhelp.esri.com/arcgisserver/9.3/dotNET/index.htm#setting_up_ssl.htm
It looks like your client encounters a certificate validation error, because your server certificate is self-signed.
Try including the following line (C#) in your web site code, before calling the web service. This will tell .NET to ignore all certificate validation errors:
ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, sslPolicyErrors) => { return true; };
This should obviously not be used in a production environment :)
精彩评论