How to create a service reference in VS 2012 over SSL
ie service is available # ![https:\theprovider.com\someservice.asmx]
When i tried to add the the service link in VS 2012 i'm getting the following error
"The request was aborted: Could not create SSL/TLS secure channel."
Pls comment
Related
Recently used IISCrypto to disable protocols less than TLS 1.2 on the IIS web server. Starting to see numerous SCHANNEL errors in the event log like so:
A fatal error occurred while creating an SSL client credential. The internal error state is 10013.
How do you determine which app is logging this error?
One of the .net solution which is built on framework 4, we are using this solution to generate some security token based on DefaultNetworkCredentials, i have registered this dll in register(regasm /codebase) and consuming this from classic asp application and its working fine in my local machine.
But when do same step in windows server 2003 and trying to access from IIS(classic asp is hosted in IIS) it is failing to take DefaultNetworkCredentials
and i am getting below error,
"The remote server returned an error: (407) Proxy Authentication Required".
code in .net solution to get DefaultNetworkCredentials,
var proxyObject = new WebProxy("Proxy", 80)
{
Credentials = CredentialCache.DefaultNetworkCredentials
};
Can anyone helpme on this, is this something settings in server or IIS?
My goal is to let intranet user's credentials pass through a asp.net webpage to an SAP RFC.
Background
We have SAP SSO setup with our AD system. Users can open the SAP gui and login without entering a username/password.
We are using ERPConnect to call RFCs in SAP. If we supply credentials to the connection string it works great. We can also use the following code below to use SSO if the webpage is running on our local machine.
Dim db As New SAPContext("ashost=sapsandbox.xxxsap.ad.xxx.com snc_mode=1 sysnr=00 SNC_QOP=9 snc_partnername=p:SAPUserAccount#xxxSAP.AD.XXX.COM SNC_LIB=C:\windows\system32\gsskrb5.dll")
When we move to a windows 2003 server machine running IIS6 we get the following error.
SAP_CMINIT3 : rc=20 > Connect to SAP gateway failed
Connect_PM GWHOST=sapsandbox.xxxsap.ad.xxx.com, GWSERV=sapgw00, SYSNR=00
LOCATION CPIC (TCP/IP) on local host
ERROR GSS-API(maj): Miscellaneous Failure
GSS-API(min): Kerberos SSPI not usable with this User account
STOP! -- initial call to gss_indicate_mechs() failed
TIME Fri Sep 02 14:13:47 201
RELEASE 710
COMPONENT SNC (Secure Network Communication)
VERSION 5
RC -1
MODULE sncxxdl.c
LINE
I have disabled anonymous access on my IIS6 site. I have also followed this article on how to enable kerberos authentication on IIS6.
Does anyone know how to get this working? We could move to IIS7 if there is an easier way to get it to work with that.
EDIT
I set <identity impersonate="true" /> and I get a new error now.
SAP_CMINIT3 : rc=20 > Connect to SAP gateway failed
Connect_PM GWHOST=sapsandbox.xxxsap.ad.xxx.com, GWSERV=sapgw00, SYSNR=00
LOCATION CPIC (TCP/IP) on local host
ERROR GSS-API(maj): Miscellaneous Failure
GSS-API(min): SSPI::AcqCredHdl(INI)==No credentials available
in secur
Could't acquire DEFAULT INITIATING credentials
TIME Tue Sep 06 11:45:11 201
RELEASE 710
COMPONENT SNC (Secure Network Communication)
VERSION 5
RC -4
MODULE snc
EDIT
I think I have to have AD setup to use SPN. Here's what I saw on this question.
Set up a SPN on your application pool account for your front end application
Not familiar with SAP, but delegation is key here in addition to SPN, AD has to trust the machine sending the kerberos ticket, I'd highly recommend reading this article:
Understanding Kerberos Double Hop
Hi I am trying to add a web service in flex 4. This web service is deployed in share point 2010 in the intranet . I am able to see this wsdl file through browser but trying to introspect the service is giving an authentication error.
I am getting the following error :-
There was an error during service introspection.
WSDLException: faultCode=OTHER_ERROR: Unable to resolve imported document at 'http://sql2008:47672/_vti_bin/StoryboardingDatabaseConnect.asmx?WSDL'.: java.io.IOException: Authentication failure
Edit :-
Have added the video showing the error at http://www.youtube.com/watch?v=moXfxmiHAqQ
The Data Services Wizard does not support (as of now, afaik) connection to https services, neither to ones that need authentication.
So you should add your credentials manually to your soap request's header using name-value pairs:
[{name: "userName", value: "yourUserName"},
{name: "password", value: "yourPassword"}].
You can read more about it in the Working with SOAP Headers section of this article (Using WebService components).
You might also find this post from the Adobe forums useful, elaborating this issue.
I'm setting up a new PC and I installed my project to work with. It is a .NET Remoting 2.0 application that uses the ASP.NET development server to host the server side while developing. I'm getting the following error when I make requests to the server:
"The remote server returned an error: (403) Forbidden. "
I've checked the credentials being passed in and everything seems to be correct. The call is all local to my dev box and to top it off. The code hasnt' changed and all of my colleagues are working fine. Any ideas?
OK. I've found the answer ... better part of a day shot though. Turns out the 403 error is thrown by one of our channel sink providers that filters on IP values. The channel sink provider was written with some big assumptions.
First off, it is looking for the address of the calling machine and comparing it to an ip whitelist. The author blindly gathered the first first entry in the list:
Dns.GetHostEntry(machineName).AddressList[0].Address
Turns out on my new machine, I have IPv6 enabled, so the first entry is actually the IPv6 entry. After referencing the MSDN, I discovered that the Address property is now "Obsolete", for obvious reasons.
What is the error subcode?
403 - Forbidden. IIS defines several different 403 errors that indicate a more specific cause of the error:
• 403.1 - Execute access forbidden.
• 403.2 - Read access forbidden.
• 403.3 - Write access forbidden.
• 403.4 - SSL required.
• 403.5 - SSL 128 required.
• 403.6 - IP address rejected.
• 403.7 - Client certificate required.
• 403.8 - Site access denied.
• 403.9 - Too many users.
• 403.10 - Invalid configuration.
• 403.11 - Password change.
• 403.12 - Mapper denied access.
• 403.13 - Client certificate revoked.
• 403.14 - Directory listing denied.
• 403.15 - Client Access Licenses exceeded.
• 403.16 - Client certificate is untrusted or invalid.
• 403.17 - Client certificate has expired or is not yet valid.
• 403.18 - Cannot execute requested URL in the current application pool. This error code is specific to IIS 6.0.
• 403.19 - Cannot execute CGIs for the client in this application pool. This error code is specific to IIS 6.0.
• 403.20 - Passport logon failed. This error code is specific to IIS 6.0.