We have ASP.Net generic handlers that support HTTPS requests only.
Example: https://{domainname}/userservice/getfriends.ashx
Please suggest a solution for processing the https requests in Winows Phone 7.1 using HttpWebRequest. When I am binding the https images (for example https://{domainname}/userserivce/23232.jpg only), it's raising the error.
Is your SSL certificate signed by a Root Certification Authority trusted by Windows Phone (example: Verisign) or is it a self-signed certificate?
If it's not from a valid trusted root certification authority, export the signing root certificate, send it by email to the device, and then install the certificate; check this answer for more info.
Related
I'm working in a lab environment. I have a Windows-based CA and an SSL-secured website on IIS (on the same machine) with a cert issues from that CA.
When I browse to this site in Firefox using SSL, I get an error "The certificate is not trusted because the issuer certificate is unknown."
If I go to Tools -> Options -> Advanced -> Certificates -> View Certificates -> Authorities, my CA's cert is in the list. If I double-click that certificate, I get "Could not verify this certificate because the issuer is unknown."
Isn't the whole point of adding a CA's cert into the Authorities list to tell Firefox, "Hey... you know this CA, go ahead and trust the certs that it issues?"
How do I fix this problem?
Firefox is (most in his Desktop versions) very special in checking certificates. Where Google Chrome meets the root certificate, Firefox needs the FULL chain up to the root certificate in your crt file. And don't forget to prefix https:// to request!
I added self signed certificate in .pem format in Firefox under Authorities tab. When I access site, Firefox throws error
mozilla_pkix_error_ca_cert_used_as_end_entity
It says that the certificate is not trusted because it is self signed. What can be issue?
If you add the certificate as authority then it should be used as authority, i.e. for signing other certificates. If you instead use it as a server certificate (i.e. as end entity and not authority) then it should not be added as authority to firefox but instead as server certificate. This will be automatically done if the certificate is not known and you click through the certificate error messages when connecting to your site and accept the sites certificate permanently.
You should also make sure that your certificates contains the necessary key purpose to be used as a server certificate.
I have doubt in Windows 7 Phone Application Development.
I need to acess the web service using HttpWebRequest in SSL How can I configure HttpWebRequest as for SSL and allow if Certificate is InValid..
For Example:
I need to Acess API "www.example.com?value=stringVale" and I will get a response as XML and I need to Process It.
when I Give a URI as "https://www.example.com/mainPage.php?Value=stringVale" I get an Breaking Issue.
so How can I access webservice using HttpRequest with SSL Layer.. with InValid Certificate?
Thanks
Dinesh
You need to have a certificate issued by an authority that is recognised by the platform.
This is the latest list I've seen (posted by Shaun Taulbee) in this thread.
push notifications from authenticated services
You can get a 30 day trial cert that's handy for testing from GeoTrust.
How to access the secured "HTTPS" webservice in Windows Phone 7. The secured certificate is not given, I should either skip or ignore the error message. Any help?
The site you're accessing needs to have a valid certificate from an issuer recognised by the platform. The latest list of these issuers I've seen is here.
push notifications from authenticated services
Note Geotrust will give you a 30 day trial certificate which is handy for testing.
I have my own SSL for development purposes. Normally when IE would give you the WARNING you could simply install the certificate, resart IE and go back to the server without warning. In IE8 I cannot avoid the warning. I have installed the certificate into every single store without success using both the MMC and cert manager in IE8. WHAT AM I MISSING?!
Add the site to trusted sites. Then you will have the option to install the certificate after clicking the Certificate error box and then View Certificate.
Which certificate are you trying to install?
You must install the ROOT certificate, not the END-ENTITY certificate which is signed by that self-signed root. It should go in the Trusted Root Certification authorities store.
Make sure your cert's CommonName matches the domain name. For example, if you website will be accessed at 'https://www.example.com', CommonName should be 'www.example.com'. If this doesn't match, nothing you do in the second and third step will matter.
Run IE8 in administrator mode and navigate to your HTTPS URL. Continue beyond warning, then view the site's cert to access the 'Install Certificate' button.
Add the cert to Trusted Root CA Certificates.
Restart IE8 in protected mode then navigate to your HTTPS URL again. All warnings should be gone.
I could not install the certificate from IE. I had to finally use MMC (Management Console). Instructions here: http://technet.microsoft.com/en-us/library/cc757688(v=ws.10).aspx