RE: WSE 3.0 X509 Error 'm_safeCertContext is an invalid handle.'



Hi Russ,

Welcome to the Webservice newsgroup.
Regarding the problem in the custom WSE 3.0 security policy assertion you mentioned, I think it is likely caused by the following line of code:

    x509.Reset();

I saw you call it after the x509 token is added. Why did you call it? Based on my research, the X509Certificate2 class's Reset method will clear all the certificate related properties and set the m_safeCertContext internal field to InvalidHandle like:

    this.m_safeCertContext = SafeCertContextHandle.InvalidHandle;

So I think you should comment out that line of code so as to make sure the certificate reference is still valid throughout the WSE policy assertion's processing lifecycle.

Thanks,

Steven Cheng
Microsoft Online Support

Get Secure! www.microsoft.com/security
(This posting is provided "AS IS", with no warranties, and confers no rights.)

--------------------
From: "Russ" <ausername12345@xxxxxxxxxxxxx>
Subject: WSE 3.0 X509 Error 'm_safeCertContext is an invalid handle.'
Date: Mon, 31 Oct 2005 11:25:51 +1100
Message-ID: <OsRltGb3FHA.2196@xxxxxxxxxxxxxxxxxxxx>
Newsgroups: microsoft.public.dotnet.framework.webservices.enhancements

Hi,

I am just trying to set up a very simple filter to add x509 signature
elements to a soap envelope, but I am getting the following error, and was
wondering if someone might be able to point me in the right direction as to
what I'm doing wrong.

Thanks in advance,
Russ

ERROR:
'm_safeCertContext is an invalid handle'

SAMPLE CODE:
    public override void SecureMessage(Microsoft.Web.Services3.SoapEnvelope envelope, Security security)
    {
        X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

        X509Certificate2Collection collection = store.Certificates;

        X509Certificate2Collection collectionWSE =
            collection.Find(X509FindType.FindBySubjectDistinguishedName,
                "CN=WSE2QuickStartClient", false);

        foreach (X509Certificate2 x509 in collectionWSE)
        {
            X509SecurityToken token = new X509SecurityToken(x509);

            security.Tokens.Add(token);

            //MessageSignature signature = new MessageSignature(token);
            //security.Elements.Add(signature);

            security.Timestamp.TtlInSeconds = 10;

            x509.Reset();
        }
    }

STACK TRACE:
    at System.Security.Cryptography.X509Certificates.X509Certificate.get_RawData()
    at System.Security.Cryptography.X509Certificates.X509Certificate.GetRawCertData()
    at Microsoft.Web.Services3.Security.Tokens.X509SecurityToken.get_RawData()
    at Microsoft.Web.Services3.Security.Tokens.BinarySecurityToken.GetXml(XmlDocument document, String valueType)
    at Microsoft.Web.Services3.Security.Tokens.BinarySecurityToken.GetXml(XmlDocument document)
    at Microsoft.Web.Services3.Security.Security.SerializeXml(SoapEnvelope document)
    at Microsoft.Web.Services3.Security.Security.Execute(SoapEnvelope envelope)
    at Microsoft.Web.Services3.Security.SendSecurityFilter.ProcessMessage(SoapEnvelope envelope)
    at Microsoft.Web.Services3.Pipeline.ProcessOutputMessage(SoapEnvelope envelope)
    at Microsoft.Web.Services3.Messaging.SoapSender.FilterMessage(SoapEnvelope envelope)
    at Microsoft.Web.Services3.Messaging.SoapSender.Send(SoapEnvelope envelope)
    at Player.ServiceManager.HttpService_RequestReceived(Object senderObject, HttpListeningEventArgs hea) in C:\Projects\Player\Player\Player\ServiceManager.cs:line 126
    at Player.HttpService.OnRequestReceived(HttpListeningEventArgs hea) in C:\Projects\Player\Player\Player\HttpService.cs:line 161
    at Player.HttpService.BeginListening() in C:\Projects\Player\Player\Player\HttpService.cs:line 104