Re: Question about using pre-signed certificates

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Dilip Krishnan (dkrishnan_at_NOSPAM.geniant.com)
Date: 01/10/05 

Date: Mon, 10 Jan 2005 06:31:48 -0800

Hello RobbieK,

Try this [0], this [1] and that [2]

[0] - http://support.microsoft.com/kb/819450
[1] - http://weblogs.asp.net/jan/archive/2004/01/28/63771.aspx
[2] - http://weblogs.asp.net/jan/archive/2004/05/08/128394.aspx

HTH
Regards,
Dilip Krishnan
MCAD, MCSD.net
dkrishnan at geniant dot com
http://www.geniant.com

> I am hoping someone can help with a strange problem - I am not very
> savvy with certificates, so bear with my ignorance in that area. I
> have an ASP.NET (1.1) application that calls a web service (non .net)
> over SSL. The owner of the web service asked for a certificate
> request that he would sign and return back (I used OpenSSL to create
> the CR). He provided the certificate and I imported it into my Local
> Machine\Personal certs.
>
> Things weren't working, so to ease troubleshooting, I moved to my
> local laptop (imported the cert there) and created a quick Windows app
> with VB.NET. After fixing the issue (was proxy server related),
> everything was working perfectly. When I went back to the web server
> to implement the working code, I received an error (see below). I
> copied my working VB application directly onto the web server and also
> received the error message.
>
> System.Net.WebException: The underlying connection was closed: Could
> not establish secure channel for SSL/TLS. --->
> System.ComponentModel.Win32Exception: The message received was
> unexpected or badly formatted
>
> The owner of the web service is telling me that he doesn't even see
> the request coming to his server (at least at the point of SSL
> handshaking... his log shows handshake errors if the server is
> reached). I would guess a problem with the cert, but it works great
> from my laptop. Weird thing is that the server where the CR was
> created does not work, but fine from my laptop. I also tried copying
> the application/importing cert to a 3rd computer... doesn't work.
> With such little information reported in the error message, is there a
> way I can tell more specifically what the problem is (and don't say to
> write a SOAP extension :-) unless that's my only hope).
>
> Thanks!!
>

Relevant Pages

  • Re: Using Microsoft Certificate Server Programatically
    ... Client contacts server (web service) with encrypted registration ... The server issues the certificate (not sure how the web service ...
    (microsoft.public.platformsdk.security)
  • Re: Help please....
    ... Error Code: 500 Internal Server Error. ... The certificate chain was ... by running ping FQDN to find whether mapping is correct to ... But when entering the FQDN I get the error message ...
    (microsoft.public.isaserver)
  • Question about using pre-signed certificates
    ... The owner of the web service asked for a certificate request ... He provided the certificate and I imported it into my Local ... After fixing the issue (was proxy server related), ... I would guess a problem with the cert, ...
    (microsoft.public.dotnet.framework.webservices)
  • Re: Help please....
    ... Still same error: Error Code: 500 Internal Server Error. ... I never bothered with the certificate business before ... through certsrv etc and stilll no joy, as the error message is now: ... see one ip address being the external one on the internet. ...
    (microsoft.public.isaserver)
  • Re: Direct Push does not connect using external FQDN
    ... If I use a self signed cert, OWA works and I can get Mobile to synch ... message that WMDC cannot verify the exchange server settings. ... The security certificate on the server is not valid. ... If I use FQDN I get error message stating that the server certificate ...
    (microsoft.public.windows.server.sbs)