I have a problem with consuming a java webservice over SSL. I have two approaches, one with .net4.0 and one with .net2.0. Unfortunately the .net4.0 approach did not work. However, the earlier version (2.0) is working correctly:
class Program
{
static void Main(string[] args)
{
try
{
Srv.Service client = new Srv.Service ();
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
string findValue = "IssuerName";
X509Certificate2Collection certsCollection = store.Certificates.Find(X509FindType.FindByIssuerName, findValue, false);
X509Certificate2 cert;
if (certsCollection.Count > 0)
{
cert = certsCollection[0];
client.ClientCertificates.Add(cert); // Only in .net 2.0
}
client.MethodA();
}
catch (Exception e)
{
string msg = e.Message;
}
}
}
After that I did something similar in .net4.0 client (throws 'Could not establish secure channel for SSL/TLS with authority {server_name}' Exception):
class Program
{
static void Main(string[] args)
{
try
{
Srv.ServiceClient srv = new Srv.ServiceClient();
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
string findValue = "IssuerName";
X509Certificate2Collection certsCollection = store.Certificates.Find(X509FindType.FindByIssuerName, findValue, false);
X509Certificate2 cert;
if (certsCollection.Count > 0)
{
cert = certsCollection[0];
srv.ClientCredentials.ClientCertificate.Certificate = new X509Certificate2();
srv.ClientCredentials.ClientCertificate.Certificate = cert;
}
client.MethodA();
}
catch (Exception e)
{
string msg = e.Message;
}
}
}
Why is almost the same code is working in 2.0 and throwing an exception in 4.0? Or maybe I am doing it wrong in second example? Overriding of ServicePointManager.ServerCertificateValidationCallback did not help...
Why I cannot add user certificate by Add method in 4.0 like it is done in 2.0 framework?
Edit: I am not using IIS. I am consuming webservice which is hosted on JBoss.
In second example i get following exception:
Could not establish secure channel for SSL/TLS with authority {server_name}