stackoom
  简体   繁体   中英

C# client to SoapUI https mock service: Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost:8083'

 原文  2018-01-13 03:01:26       c#/ https/ ssl-certificate/ truststore

Question

I have a simple C# program that needs to talk to a 3rd party SOAP web service ("FooService").

I imported the WSDL into Visual Studio and created a service reference. My C# client code looks like this: 

  FooSoapClient webService = new FooSoapClient ();
  webService.Endpoint.Address = new EndpointAddress(cbWsUrl.Text);
  bool response = webService.PutDocumentCollection(docs);

I imported the same WSDL into SoapUI, created a mock service and a mock response, and my C# client is able to successfully communicate with SoapUI:

PROBLEM:

This all works great for http ... but fails for https .

I followed this guide to use java keytool to create my own little keystore ( mock.keystore ) with a self-signed certificate ( alias soapui ) and configured SoapUI to use it for https (port 8083):

Now my C# client fails: 

01/09/18 17:11:24: ERROR:Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost:8083'.
System.ServiceModel.Security.SecurityNegotiationException: Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost:8083'. 
---> System.Net.WebException: The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel. 
---> System.Security.Authentication.AuthenticationException: The remote certificate is invalid according to the validation procedure.

WORKAROUND:

I added a ServerCertificateValidationCallback to disable ALL certificate checking: 

ServicePointManager.ServerCertificateValidationCallback =
  (object sender, X509Certificate certificate, X509Chain chain, SslPolicyErrors sslPolicyErrors) =>
  return true;

QUESTION:

What should I do in order for my C# program to "trust" SoapUI, so that I can "connect" with https?

Is there some way I can "import" the certificate?

IN OTHER WORDS:

Q: What do I need to do in order to make my standalone C# app act like a browser does when you "Add Exception" to an https site?

NOTE: There's no authentication of any kind: I'm just trying to do an https connect to SoapUI.

1 answers

solution1
 4 ACCPTED  2018-01-15 21:23:56

If you are using a self signed certificate for testing you can import it in the Trusted Root Certification Authorities store of the user that will run the application and it will be considered trusted by Windows and also in .NET. In the following article from the WCF documentation you have a more detailed guide how to install the certificate. Installing a Certificate in the Trusted Root Certification Authorities Store

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question C# Web service - Could not establish trust relationship for the SSL/TLS secure channel with authority 'noded1.test.webservices.amadeus.com' WCF: Could not establish trust relationship for the SSL/TLS secure channel with authority Error: Could not establish trust relationship for the SSL/TLS secure channel with authority SSL WCF "Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost' Could not establish trust relationship for the SSL/TLS secure channel with authority 'localhost' strange issue Why my client could not establish trust relationship for the SSL/TLS secure channel with authority? WCF client binding to access https service. Could not establish secure channel for SSL/TLS with authority C# application could not establish trust relationship for the SSL/TLS secure channel Docusign C# CreateEnvelope error - Could not establish trust relationship for the SSL/TLS secure channel C# How to solve HtppWebResponse return Could not establish trust relationship for the [SSL/TLS] secure channel?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM