I have WCF Service hosted in IIS using https and self sign certificate created from IIS for my local pc
If i enter in my desktop browser the following link:
https://MyHostName:MyPort/MyService.svc WORKS and is secured.
The same link in different pc in my local LAN gives me warning that this site is not secure and asks me to click and verify that i want to proceed and when i do it i can see the service .. ( which i assume has something to do with my certificate)
MAIN PROBLEM
The same link again FAIL using android google chrome with out give me a warning . Just fail with the error "This site can't be reached.... ERR_NAME_NOT_RESOLVED"
Please help.
I am trying to connect to the service from my xamarin Forms android application (https) but before that i try to test the wcf service from my android browser to verify that the service is available before trying to connect
if this is due to certification how can i configure it correctly to be secure? should i buy one?
i was hoping to test my service before proceeding buying one.
anyone has any ideas?
using valid certificate fixed the issue.
Related
I am currently working on an .NET 5 & SignalR application and in localhost everything seems to be working fine. When I try to deploy it to IIS pre-production Server which doesn't have a SSL certificate configured, pages other than Login are showing the message "This site can’t provide a secure connection". In the login page from the browser console I can see that most of me javascript and css files aren't loaded with the error "Failed to load resource: net::ERR_SSL_PROTOCOL_ERROR". Also from what I can see after user logs in, the request is redirected to Https.
I have removed app.UseHttpsRedirection(); from the Startup and disabled SSL in the Debug properties of the application. That seems to be a wired behavior because I used to deploy applications in .NET CORE before and didn't have these kind of problems. is there any way around this problem, except configuring an SSL certificate?
From the suggestions in server fault, configuring a self-signed certificate provided by IIS itself seems to be the problem solver. Still I don't get why the application was making that https redirection, but anyways in case someone else has this kind of issue.
I have a website host on IIS 10 and installed wild card SSL. The website is working fine on all other machines and on the server as well. When i access it on my window 10 machine, it is asking to confirm the security certificate and credentials. If i press the ok button the site went to 403 Forbidden error.
This issue was related to the server. My Hosting provider has made the following changes at IIS.
IIS -> Websites -> Go to website -> SSL settings
client certificate to ignore
I have mattermost installed in my local server, currently login to it using http://192.168.x.x:8065, and I've setup a ddns port forwarding for it, means that I can login to mattermost using http://xxx.ddns.net:8065 as well.
Now I'm going to install https SSL for it, I tried using self-signed certificate, it seems work fine when I login from my desktop (chrome, firefox, desktop app).
But when it comes to iPhone native app, my mattermost will trigger error message:
Please check connection, Mattermost unreachable. If issue
persists, ask administrator to check WebSocket port.
and now all the messages coming to mattermost will not be shown and no notification at all until we manually refresh the app.
Is there any suggestion on overcoming this issue? Is it because iPhone tried to block any untrusted / self-signed certificate?
Thank you.
Best regards,
Kong
You are correct that the iPhone does not trust your self-signed certificate out of the box. An easier way to get this working would be to get a free SSL certificate for xxx.ddns.net using a service like Let's Encrypt, which will be trusted out-of-the-box by your iPhone.
This is especially straightforward to do with Mattermost, as it has built in support for using a Let's Encrypt certificate. You can configure this by following the steps in the documentation here
We have a HTTPS RESTFul service running in IIS. We are able to successfully call it using the browser. However, when we call the service from a worklight adapter, we are getting the following exception:
"javax.net.ssl.SSLPeerUnverifiedException"
The worklight adapter was working perfectly fine when we were using HTTP instead of HTTPS.
We have followed all the steps mentioned in the documentation:
Create certificate using keytool in the IIS server. Bind it to the RestFul service.
Exporting the public key to a .cert file
Importing the file into Worklight keystore
Mentioned https as the protocol in the adapter.xml.
We have even verified the default.keystore of the worklight, it is matching with the certificate present in the IIS server.
We don't need mutual authentication. We just want to use SSL in the RestFul service deployed in the IIS.
Thanks,
Pavan
You forgot to add the certificate to your device's trust store. Since it is self signed, devices will not trust them by default. To do so, follow the steps here for your device's OS: http://www-01.ibm.com/support/knowledgecenter/SSZH4A_6.2.0/com.ibm.worklight.installconfig.doc/admin/c_ssl_config.html?lang=en
Specifically, look at this for iOS and this one for Android.
I have a WP7 app that communicates with the back-end via a WCF service.
A customer has asked if the app can be made more secure by communicating via an ISA server using Open SSL.
The ISA server would be public facing with the IIS Server hosting the WCF service behind a firewall. I will have to load the public cert onto the phone and have read that this can be achieved by emailing the cert then running the attachment.
I'm not clued up on ISA, Open SSL or certificates and am hoping someone can tell me if this is possible or not.
Any ideas?
Edit
I'm hoping for a little about how to configure the WCF proxy on the phone.
You need the the Root CA of the cert on the phone. You can do this a couple of ways. The simplest would be to email it to the phone as an attachement (p7b format). On the phone simply open the attachement and the phone will prompt you to install the cert (p7b). This will install the cert into the cerificate store. A good way to test if it is working right is to hit an HTTPS web URL in IE from the phone, if you dont get any security prompts about an untrusted cert it is working correctly.
You will need to have your SSL terminate at the ISA/UAG box. This would have the server cert set up on it and use it to secure the SSL channel for the web app.
More information on configuring publishing with UAG (next gen of ISA) is here: http://technet.microsoft.com/en-us/library/ee406221.aspx