0

I'm a not good at Web services and C#. I looked at other threads but I can't seem to find a solution. I think because I'm using SSIS I can't use WSE or WCF approaches.

I'm looking for a solution to exchange data between an application server and a secured web service. Overview:

  • There is a PFX file present which contains the client certificate and the private key.

  • The PFX is installed on the application server.

  • I can't approach the service endpoint through a browser e.g. internet explorer. Even with a certificate.

  • I received a SOAPUI project with already the bindings and methods defined (Can't insert the URL). I just needed to reference the PFX file in the settings. I compile a test for a method in the form of a SOAP message and I succesfully receive a response.

I need to generate the following SOAP header structure:

Picture

Now in C# how can I realize the same effect as in SOAPUI? At first I tried manually composing the soapmessage and posting it to the service, but I think this is not possible, because I can't seem to generate a security binary token. Now I'm thinking about generating proxy classes. Since I don''t have acces to the URL endpoint, I'll have to use offline versions of the WSDL + XSD's. Can the proxy class approach work with the web service security?

user3805169
  • 1
  • 2

1 Answers1

0

Basically you need to write custom script to consume web service in SSIS. First you need to install certificate on local machine. Then you will be able to consume it. SSIS provide support for web service, so you can use it. SOAPUI request is equivalent to web method.

MSDN Documentation: Call a Web service by using a client certificate for authentication.

Frequently, Web services must authenticate applications that call the Web services. The Web services must perform authentications of calling applications before the Web services can perform authorizations. One authentication technique is to require applications that call the Web service to present a client certificate.

When an ASP.NET Web application tries to call a Web service that uses certificate authentication, you may receive an "access denied" error message. When a console application or a Microsoft Windows Forms application calls the same Web service, you do not receive an error message.

This behavior occurs because the computer maintains two different certificate stores: The local machine store: An ASP.NET Web application looks in this store to locate client certificates. The local user store: An interactive user application looks in this store to locate client certificates. Typically, when an interactive user application installs a client certificate, the client certificate is installed in the local user store. Therefore, the client certificate works for interactive user applications. However, the client certificate does not work for ASP.NET Web applications.

To enable an ASP.NET Web application to use a client certificate, you must install the client certificate in the local machine store. When you install a client certificate in the local machine store, the client certificate is only available for user accounts in the Administrators group and for the user who installed the client certificate. Therefore, you must grant access to the client certificate for the user account that is used to run the ASP.NET Web application.

Note You must have the Microsoft .NET Framework 1.1 Service Pack 1 (SP1) installed to use client certificates in the local machine store.

Additionally, when the ASP.NET Web application calls the Web service, the application must export the client certificate from the certificate store and then add the client certificate to the Web service call.

Below are resources which would provide some starting point.

Community
  • 1
  • 1
Vikramsinh Shinde
  • 2,742
  • 2
  • 23
  • 29
  • Ok thx Vikramsinh, I'm now trying through offline versions of the wsdl of the webservice because I can not approach it directly. Now i will try to generate a proxy class import those classes and try to call the methods. Will keep you updated. – user3805169 Jul 22 '14 at 12:23