Re: Windows Mobile + https + clientcertificates?
- From: "Dylan DSilva \(MS\)" <ddsilva@xxxxxxxxxxxxx>
- Date: Mon, 29 Oct 2007 15:33:02 -0700
http://msdn2.microsoft.com/en-us/library/ms905663.aspx has information on
how to use SSL with Wininet which is probably what will work best for your
application. You can also make use of SSL through lower level interfaces
such as Winsock (Secure sockets) or the SSPI.
--
Dylan DSilva
Software Development Engineer
Microsoft Corporation
This posting is provided "AS IS" with no warranties, and confers no rights.
You assume all risk for your use. © Microsoft Corporation. All rights
reserved.
"Anthony Jacques" <AnthonyJ@xxxxxxxxxxxxxx> wrote in message
news:B44356E5-DE79-4491-860F-7B17D84E1C1C@xxxxxxxxxxxxxxxx
Hi all,
I am trying to write an application which communicates with a webservice
via SOAP, from a Windows Mobile 6 device.
The web server is configured to use SSL and client certificates for
authentication. Additionally, the server certificate on the test server is
self-signed (the live server is not), and so the client application needs
to be able to ignore server certificate errors (non trusted CA), and also
supply the correct client certificate.
I have written applications under Windows XP which are able to cope with
this, but as yet have been unable to port them over to the WM6 device. I
have so far tried two approaches:
- C# using a proxy class created from the .wsdl. When running from the
Windows XP environment, I had to set the ClientCertificates member, and
also an ICertificatePolicy to ignore the certificate errors on the test
server. I am unable to do either of these things in the .NET Compact
Framework.
- C++, using msxml's IXMLHTTPRequest object to submit the request. Under
XP I was able to use IServerXMLHTTPRequest and use setOption to set both
the client certificate, and the server certificate error handling options,
but since this interface doesnt exist in the WM6 implementation of msxml
this seems a dead end too. When using IXMLHTTPRequest, unlike under XP,
the client prompts for the certificate from the local store, but I still
get an error (status 0 for some reason, and no response data), which I
assume is because of the self-signed server certificate? Also, it wouldnt
really be acceptable to prompt the user each time for the certificate, so
I would want to do this programatically.
It seems like this should be possible as IE is able to connect once I have
supplied the client certificate - so am I simply missing the right
interface? Does anyone have any suggestions on how I can get this to work?
Does nobody else out there use client certificates in a mobile
environment? I expected the security aspects to be even more important in
a mobile environment, so am surprised that this seems to be unsupported
functionality.
TIA
Anthony
.
- References:
- Windows Mobile + https + clientcertificates?
- From: Anthony Jacques
- Windows Mobile + https + clientcertificates?
- Prev by Date: Re: new ActiveXObject - need help with creating ActiveX working on web
- Next by Date: Re: Services in Win CE device
- Previous by thread: Windows Mobile + https + clientcertificates?
- Next by thread: Splash screen on Win CE SBC
- Index(es):
Relevant Pages
|
