1

I created a self hosted HTTPS WCF web service running on my Localhost machine. Now i make a request to this web service from a GWT based application hosted on some domain.

I use self-signed X.509certificate which is not approved yet. Whenever my GWT application make requests, It shows an error because of untrusted Certificate. Can i bypass this error from my GWT client code or suggest me an alternative solutions ?

Is there are any other protocol which supports WCF service that we can use for communication and will not trigger the security alert from browser?

Updated

Whole scenario:

  • You installed a exe in your system, which take cares of WCF web service and importing certificate to your local machine.

  • You open a GWT based website from your browser. Let's say some.com

  • some.com continuously polling a request to his/her local machine. Let's say on https://localhost:8098/{someendpoint}

But because of this HTTPS and untrusted certificate. It is not able to make request.

Amit Pal
  • 10,604
  • 26
  • 80
  • 160

1 Answers1

0

since you said

Let's start with local testing

How about installing your self signed certificate onto the machine on which you are testing the GWT ?

You should be able to double click the certificate and follow the prompts/wizard to install it.

This applies to development only (for production you'd need a proper certificate)

wal
  • 17,409
  • 8
  • 74
  • 109
  • I think you misunderstood the scenario. A `GWT` application is hosted on `some.com`. I open that site which is continuously polling a request on `https://localhost:8083/{some endpoint}`. Each user who are using open `some.com` have to installed a `exe` which all take care of installing the certificate to his/her system with this `WCF` self hosted web service. It doesn't affect the production environment because everytime web application make request to `localhost` – Amit Pal Feb 28 '13 at 07:42
  • @AmitPal then the cert should be trusted. what browser are you using? are you able to trust the certificate via the browser to see if that fixes the issue. (short term then will figure out why browser is not trusting your installed cert) – wal Feb 28 '13 at 08:32
  • `chrome and IE`, how to able to trust the certificate from browser? Are you talking about `Add exception`? – Amit Pal Feb 28 '13 at 08:48
  • I tried after adding exception in `Firefox`. It works fine but can i do this without adding exception? – Amit Pal Feb 28 '13 at 08:54
  • see http://stackoverflow.com/questions/681695/what-do-i-need-to-do-to-get-internet-explorer-8-to-accept-a-self-signed-certific if you dont want a manual step then you will need to install the certificate into `Personal->Certificates` on the `Local Computer` but why do you need https for `localhost` communication? seems pointless – wal Feb 28 '13 at 08:58
  • Because `some.com` is based on 'HTTPS' with approved certificate. So, whenever we call `HTTP` web service from a 'HTTPS' application. It throws an error i.e. `Insecure content want to access and it block the whole web page` :( I installed the certificate in `Personal->Certificates` on the Local Computer using `MMC` – Amit Pal Feb 28 '13 at 09:17
  • is it in 'Local Computer' group? see screenshot i added to my answer – wal Feb 28 '13 at 09:29