CodeGuru Home VC++ / MFC / C++ .NET / C# Visual Basic VB Forums Developer.com
Results 1 to 2 of 2
  1. November 2nd, 2014, 06:30 AM #1
    Wally76
    Wally76 is offline Junior Member
    Join Date
    Nov 2014
    Posts
    2

    web.config - ASMX Web Service access with client certificate

    Hello All,

    I have a problem with configuration of my asmx web service in web.config file.

    My web service is based on .NET 2.0 framework (I know, pretty old one) and is deployed on IIS 6.0 (also pretty old...).
    It is configured as new web application with the access over https (standard 443 port).
    I need to restrict access to my web service only to the clients with dedicated client certificate.
    Of course I've got both server and client certificates with private keys.

    One more important think, my server (that hosts my web service on IIS 6.0) is placed in LAN (WIndows domain), but the client will be calling web service from external server by some java client application.
    That's we I want to use solution with SSL and client/server certificates and I can't use Windows authentication mode.

    How should I prepare my web.config file for such a combination?
    What authentication mode should I use?

    Please remember, that my web service is ASMX service based on .NET 2.0 framework.
    For now, I don't have any other special requirements.

    Currently my web.config is pretty simple:

    <?xml version="1.0"?>
    <configuration>
    <appSettings/>
    <connectionStrings/>
    <system.web>
    <compilation debug="true"></compilation>
    <authentication mode="Windows" />
    </system.web>
    </configuration>

    With above mentioned "Windows" mode it doesn't work, after setting in IIS that the client certificate is required.

    Please help...

    Regards
    Reply With Quote Reply With Quote
  2. November 2nd, 2014, 04:35 PM #2
    Wally76
    Wally76 is offline Junior Member
    Join Date
    Nov 2014
    Posts
    2

    Re: web.config - ASMX Web Service access with client certificate

    Guys, any ideas?

    I'll add that regarding the configuration of authentication od WS in IIS management console, I have done all things required.
    IMHO the problem is with web.config file and the configuration of WS in it.

    Don't know which authentication mode should I set in this file in my solution.

    MSDN says that there are 4 possible values for mode in .NET 2.0 framework:
    - Windows (I have to call WS from outside of LAN, so the calling app has no valid credentials)
    - Form (it is only WS with no forms)
    - Passport
    - None
    First 2 values are rather not applicable, IMHO. Maybe I'm wrong...

    Once again, any ideas?
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules




Click Here to Expand Forum to Full Width

Featured