WCF endpoint certificate identity

Larry

Hello,

I use WCF with my web service calls and all of the communication is secured
with certificates. When I create my service reference, an endpoint gets
created with the correct information. It includes an entry like this:
 
Larry

Sorry about the mis-submission.

Like I said, I'm using WCF with my web service calls and use wsHttpBinding
with certificates and set with message encryption. When I create my service
reference, I end up getting an entry something like this in the <client />
section of the web.config:

    <endpoint address="http://<my service address>"
              binding="wsHttpBinding" behaviorConfiguration="certConfig"
              bindingConfiguration="wsHttpBindingConfig"
              contract="<my contract>" name="wsHttpBindingConfig">
      <identity>
        <certificate encodedValue="<AwAAAAEAAAAUAAAARFl...MIIE...< more of a long encoded string>" />
      </identity>
    </endpoint>

The encodedValue in the certificate node is automatically generated for me
when I add the reference (comes from the Svcutil). I'd like to be able to
replace this value when certs are updated. What is this value made up from
and how can I programmatically update it (using C#)? It looks like it has
more than the base64 encoded value of the certificate.

I tried something like this:

    byte[] bytes = myCert.Export(X509ContentType.SerializedCert);
    string base64Cert = Convert.ToBase64String(bytes);

which did not come out the same as what's in the encodedValue. What am I
missing here? Any suggestions would be greatly appreciated!

Larry
 
Tiago Halm

The encoded value is the public key of the X.509 certificate. The client
uses this public key to encrypt a given message, which the private key owner
(the web service) is able to decrypt.

When the web service owner decides to change the certificate, this change
will (eventually) involve a change in the public key which will be reflected
in the WSDL. The client should be able to update the reference (re-process
the WSDL) when the certificate changes.

I suspect, but may be wrong, that you may renew the certificate while
maintaining the private/public key pair.

Tiago Halm

Larry

There is more to this encoded value than just the public key. As I
mentioned previously, the encoded value begins with AwAAAAEAAAAUAAAARF, and
MIIE (the start of the public key) doesn't appear until later in the value.
It kind of looks like it starts with an encoded thumbprint or signature. I
see though that I won't have to change this value unless a new key pair is
needed.

Thanks for your help!
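
The prefix quoted in the post above, AwAAAAEAAAAUAAAA, base64-decodes to the bytes 03 00 00 00 01 00 00 00 14 00 00 00. The C# below is an added example, not code from the thread or from WCF; it assumes the value is a sequence of Windows serialized-certificate property records (32-bit little-endian id, reserved word, length, value) in which id 3 holds the SHA-1 hash and id 32 the DER certificate, and it checks on a constructed sample that the stored hash matches the embedded certificate. The class and method names are hypothetical.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using System.Security.Cryptography;
static class EncodedValueInspector // hypothetical name, not a WCF type
{
    // Assumed property ids (wincrypt.h): SHA-1 hash and the DER certificate itself.
    const uint Sha1HashPropId = 3, CertPropId = 32;

    // Assumed record layout: uint32 id, uint32 reserved, uint32 length, value bytes.
    // BitConverter reads in machine byte order, which is little-endian on Windows.
    public static Dictionary<uint, byte[]> Parse(byte[] blob)
    {
        var props = new Dictionary<uint, byte[]>();
        int pos = 0;
        while (pos < blob.Length)
        {
            if (blob.Length - pos < 12)
                throw new InvalidDataException("Truncated record header at offset " + pos);
            uint id = BitConverter.ToUInt32(blob, pos);
            uint length = BitConverter.ToUInt32(blob, pos + 8);
            pos += 12;
            if (length > (uint)(blob.Length - pos))
                throw new InvalidDataException("Record " + id + " overruns the buffer");
            props[id] = blob.Skip(pos).Take((int)length).ToArray();
            pos += (int)length;
        }
        return props;
    }

    // True only when the stored hash equals SHA-1 over the embedded certificate bytes.
    public static bool ThumbprintMatches(Dictionary<uint, byte[]> props)
    {
        byte[] stored, der;
        if (!props.TryGetValue(Sha1HashPropId, out stored) || !props.TryGetValue(CertPropId, out der))
            return false;
        using (var sha1 = SHA1.Create())
            return sha1.ComputeHash(der).SequenceEqual(stored);
    }

    // Builds one record; used only to construct the sample below.
    static byte[] Record(uint id, byte[] value) =>
        BitConverter.GetBytes(id).Concat(BitConverter.GetBytes(1u))
            .Concat(BitConverter.GetBytes((uint)value.Length)).Concat(value).ToArray();

    static void Main()
    {
        // Constructed sample: placeholder bytes stand in for a real DER certificate.
        byte[] der = { 0x30, 0x82, 0x00, 0x04, 0xDE, 0xAD, 0xBE, 0xEF };
        byte[] hash;
        using (var sha1 = SHA1.Create()) hash = sha1.ComputeHash(der);
        string encodedValue = Convert.ToBase64String(
            Record(Sha1HashPropId, hash).Concat(Record(CertPropId, der)).ToArray());
        var props = Parse(Convert.FromBase64String(encodedValue));
        Console.WriteLine("thumbprint: " + BitConverter.ToString(props[Sha1HashPropId]));
        Console.WriteLine("hash matches certificate: " + ThumbprintMatches(props));
    }
}
```

Run against a deployed encodedValue, the same parse shows which certificate a client configuration is pinned to, so a stale pin can be spotted before the service certificate is rotated.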

Tiago Halm

Larry,

See here, see if it helps to generate the value (haven't checked):
http://forums.microsoft.com/MSDN/ShowPost.aspx?PostID=597530&SiteID=1

Tiago Halm

Larry

It doesn't quite get me what I need. Any idea where I can find any
documentation on what this value is and how it's generated? Some
documentation says that "This element specifies a Base64-encoded X.509
certificate value to compare with the client." but then also says that
"This element restricts authentication to a single certificate based upon
its thumbprint value." So if anything changes that affects the thumbprint,
this value will have to be regenerated (quotes taken from
http://msdn.microsoft.com/en-us/library/ms733130.aspx).

I also run a pretty good chance that the customer(s) may want to use their
own certificate anyways, so I'll need a good way of updating this
encodedValue (outside of my dev environment). Any other thoughts on how
this can be done? It's got to be pretty common to have to change this value
since certificates expire, company processes require updating of
certificates/key pairs or other update problems. Is there any
documented procedure for doing this?

Tiago Halm

When web services have certificates involved and are used at the message
level (versus transport) I believe the update process would be to re-send
the WSDL to the client (when the keys have changed). I don't see any other
way of letting the client know of the change. Automating this procedure
would require the client to automate the process of reading the WSDL, but
then again the service would need to publish the WSDL (not recommended due
to security sensitivity).

The service owner and client owner need to agree on a compromise that leaves
both parties comfortable.

Tiago Halm
