0

I am using some of the local machine's resources using COM interop functionality provided in Silverlight 4.0. Hence, naturally I need OOB with elevated permissions. However, in my case I am consuming the WCF services hosted on HTTPS channel. Here is where I am facing the problem. The OOB with elevated permissions applied, doesn't allow me consuming the HTTPS service hosted on either different or the same domain, giving me a NotFound exception. Please note that I have used the self-signed certificate for the development environment. The same is also installed in the Trusted Root folder of the client machine on which I am testing.

Interestingly, when I set the Fiddler options (in Fiddler session, Toos -> Fiddler Options -> HTTPS tab) to intercept the HTTPS traffic, with Decrypt HTTPS traffic checkbox set, I am able to use the same HTTPS service without any exception. But for that, I was told by Fiddler to store a temporary certificate inside my user profile's Fiddler directory, and I must have at least one Fiddler session at that time. Hence, it seems to be a certification issue. But does it relate in anyway to signing of the XAP file with the required certificate ? I am not sure. I tried with a self-signed certificate and bind my layer service URL to use that certificate. Then I install the same certificate to Trusted root folder of the client. But i was not successful in signing the XAP with that certificate.

Please let me know if you have any work-around.

Chandresh Makwana
  • 61
  • 1
  • 4

2 Answers2

0

I had the same problem and found out, that the SSL settings in IIS were wrong.

I configured IIS 7.5 to SSL only and to accept client certificates. With this settings, I ended up with the service not found error in OOB. After setting IIS to ignoring client certificates the OOB Application works fine.

float
  • 1,265
  • 5
  • 22
  • 38
0

If the code is running in a different user's context, you need to put your "Self-signed" certificate into the Machine Trusted Root store. Start mmc.exe. On the File menu, choose to Add a Snap-in. Add the Certificates snap-in. Pick Local Machine. Import the Self-signed root into the Trusted Root store.

EricLaw
  • 56,563
  • 7
  • 151
  • 196
  • Hi Eric, thanks for your reply. Further, the code is running in the same user context. And I am using the self signed certificate for the node hosting the WCF service, and bound HTTPS channel through that certificate. This same certificate is also there in the trusted root store. Even though I am unable to access the same. I even could not sign the XAP with that certificate, with an error displaying that the certificate doesn't have private key. Do I need to use the locally generated self-signed certificate and put it into the trusted root store ? Or the certificate used to bind the channel ? – Chandresh Makwana Jun 08 '11 at 07:44