Re: Can't connect to SSL SOAP endpoint
- From: petery@xxxxxxxxxxxxxxxxxxxx ("Peter Yang[MSFT]")
- Date: Fri, 16 May 2008 06:24:47 GMT
Hello Hans,
Thank you for your reply!
As I mentioned, we could use makecert to create self-signed certificate on
localmachine store:
makecert -r -pe -n "CN= sha-test-01" -b 01/01/2000 -e 01/01/2036 -eku
1.3.6.1.5.5.7.3.1 -ss my -sr localMachine -sky exchange -sp "Microsoft
RSA SChannel Cryptographic Provider" -sy 12
Makecert is a tool in .Net framework SDK. If you have .Net framework SDK or
VS 2005 installed , you may find it under
C:\Program Files\Microsoft Visual Studio 8\SDK\v2.0\Bin
If you don't have this on Win2008 server, you could copy it from a machine
with this tool installed.
After that, you could use certutil to get the information of the
certificate you just installed:
certutil -store "my" "sha-test-01"
================ Certificate 9 ================
Serial Number: 19349a16ea0d85a447d063e3d1323584
Issuer: CN=sha-petery-01
Subject: CN=sha-petery-01
Signature matches Public Key
Root Certificate: Subject matches Issuer
Cert Hash(sha1): af 62 e5 62 82 6d af 7f 92 de 7e 39 40 a2 75 eb 66 90 0e 71
Key Container = d3350ac9-43fb-40c7-a27c-25579259ae9c
Provider = Microsoft RSA SChannel Cryptographic Provider
Encryption test passed
======================
Note: By deault certutil is installed by OS and you use it directly in
command prompt.
The GUID you want is "Key Container" information in above output and in
this example: d3350ac9-43fb-40c7-a27c-25579259ae9c
The Certhash is af 62 e5 62 82 6d af 7f 92 de 7e 39 40 a2 75 eb 66 90 0e 71
in this sameple.
After that, you could try to install the certificate for SSL/https useage
netsh http add sslcert ipport=192.168.1.10:5000 certhash=
af62e562826daf7f92de7e3940a275eb66900e71
appid={ d3350ac9-43fb-40c7-a27c-25579259ae9c}
Note: You should use IP address and port according to the server and SSL
port you use in Webservice definition. For example:
CREATE ENDPOINT Sample_EP
AS HTTP (
SITE='*',
PATH='/SQL/test',
AUTHENTICATION=(INTEGRATED),
PORTS=(SSL),
SSL_PORT =5000
)
FOR SOAP (
WEBMETHOD
'testp1'(NAME='mytest.dbo.testp1'),
LOGIN_TYPE = Mixed,
WSDL=DEFAULT,
SCHEMA = STANDARD
)
If anything is unclear, or you have further questions, please feel free to
let's know. Thank you.
Best Regards,
Peter Yang
MCSE2000/2003, MCSA, MCDBA
Microsoft Online Partner Support
=====================================================
When responding to posts, please "Reply to Group" via your
newsreader so that others may learn and benefit from this issue.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
.
- Follow-Ups:
- Re: Can't connect to SSL SOAP endpoint
- From: Axel Dahmen
- Re: Can't connect to SSL SOAP endpoint
- References:
- Re: Can't connect to SSL SOAP endpoint
- From: Axel Dahmen
- Re: Can't connect to SSL SOAP endpoint
- From: "Peter Yang[MSFT]"
- Re: Can't connect to SSL SOAP endpoint
- From: Axel Dahmen
- Re: Can't connect to SSL SOAP endpoint
- Prev by Date: RE: how to failover sql server (programming, UDL)
- Next by Date: 2005 Restoring
- Previous by thread: Re: Can't connect to SSL SOAP endpoint
- Next by thread: Re: Can't connect to SSL SOAP endpoint
- Index(es):
Relevant Pages
|
Loading
