App Engine python runtime, latest SDK ... using urlfetch to request over https. No matter what value I use for verify_certificate (True, False, None), I get back the same response from an internal site with a fake certificate,
Invalid and/or missing SSL certificate for URL:
The documentation suggests that setting verify_certificate to False should bypass this check. But again, I get the same exception no matter what I use. I checked the bug database but did not find anything.
We are using a made up certificate because we want the data encrypted over the wire, but we can trust the endpoint as it is internal.
Thanks for any thoughts.
Verify that your self made certificate is valid and installed correctly by accessing the endpoint using other software such as curl, wget or a web browser. You might have already done that, but the question does not (yet) say so.
If other software can access the endpoint but the url fetch service still cannot, then please report the problem with a link to your question in the AppEngine Issue Tracker. Thank you.
An error occurred while trying to make a request to URI
'http://localhost:42083/Services/MyService.asmx'. This could be due to
attempting to access a service in a cross-domain way without a proper
cross-domain policy in place, or a policy that is unsuitable for SOAP
services. You may need to contact the owner of the service to publish
a cross-domain policy file and to ensure it allows SOAP-related HTTP
headers to be sent. This error may also be caused by using internal
types in the web service proxy without using the
InternalsVisibleToAttribute attribute. Please see the inner exception
for more details.
And the most peculiar thing about is that before it worked just fine, but when I changed just
a little thing in a stored procedure it throws this exception. That's weird! I'm getting a little more suspect against SOAP services for now. Anybody who has any ideas?
After having read you comment, please make sure you have deployed a cross-domain policy file. Tim has a great blog about it: http://timheuer.com/blog/archive/2008/04/06/silverlight-cross-domain-policy-file-snippet-intellisense.aspx. It is really an essential asset to obtain when starting SL to server communication.
Hope that helps.
Can anyone point me in the right direction of how I can use SSL client-side certificates with Silverlight to access a restful web service?
I can't seem to find anything on how to handle them, or even whether they are supported.
Cheers.
Slipjig mentioned this:
"The browser stack does, and pretty much automatically, if you're willing to live with its other limitations (lack of support for all HTTP verbs, coercion of response status codes, etc.)."
If that is acceptable to you, look at how Microsoft themselves deal with this in some of their APIs using the custom X-HTTP-Method header, like how they do it for WCF and OData:
http://www.odata.org/developers/protocols/operations
In MSDN, Microsoft also mentions this about using REST in conjunction with SharePoint 2010's WCF based REST API:
msdn.microsoft.com/en-us/library/ff798339.aspx
"In practice, many firewalls and other network intermediaries block HTTP verbs other than GET and POST. To work around this issue, WCF Data Services (and the OData standard) support a technique known as "verb tunneling." In this technique, PUT, DELETE, and MERGE requests are submitted as a POST request, and an X-HTTP-Method header specifies the actual verb that the recipient should apply to the request. For more information, see X-HTTP-Method on MSDN and OData: Operations (the Method Tunneling through POST section) on the OData Web site."
Don Box's also had some words about this, but regarding GData specifically:
www.pluralsight-training.net/community/blogs/dbox/archive/2007/01/16/45725.aspx
"If I were building a GData client, I honestly wonder why I'd bother using DELETE and PUT methods at all given that X-HTTP-Method-Override is going to work in more cases/deployments."
There's an article about Silverlight and Java interop which also addresses this limitation of Silverlight by giving the same advice:
www.infoq.com/articles/silverlight-java-interop
"Silverlight supports only the GET and POST HTTP methods. Some firewalls restrict the use of PUT and DELETE HTTP methods.
It is important to point out that true RESTful service can be created (conforming to all the REST principles listed above) only using the GET and POST HTTP methods, in other words the REST architecture does not require a specific mapping to HTTP. Google’s GData X-Http-Method-Override header is an example of this approach.
The following HTTP methods overrides may be set in the header to accomplish the PUT and DELETE actions if the web services interpret the X-HTTP-Method-Override header on a POST:
* X-HTTP-Method-Override: PUT
* X-HTTP-Method-Override: DELETE"
Hope this helps
-Josh
It depends on whether you're using the browser HTTP stack or the client HTTP stack. The client stack does not support client certificates, period. The browser stack does, and pretty much automatically, if you're willing to live with its other limitations (lack of support for all HTTP verbs, coercion of response status codes, etc.).
I have however been running into a problem using the browser stack with client certificates in an OOB scenario. Prism module loading fails under these conditions - the request gets to IIS, but causes a 500 server error for no apparent reason. If I set IIS to ignore client certs, or if I run the app in-browser, it works fine :-/
take a look at this.
http://support.microsoft.com/kb/307267
just change your urls to https
hope this helps
Dim url As Uri = New Uri(Application.Current.Host.Source, "../WebService.asmx")
Dim binding As New System.ServiceModel.BasicHttpBinding
If url.Scheme = "https" Then
binding.Security.Mode = ServiceModel.BasicHttpSecurityMode.Transport
End If
binding.MaxBufferSize = 2147483647 'this value set to override a bug,
binding.MaxReceivedMessageSize = 2147483647 'this value set to override a bug,
Dim proxy As New ServiceReference1.WebServiceSoapClient(binding, New ServiceModel.EndpointAddress(url))
proxy.InnerChannel.OperationTimeout = New TimeSpan(0, 10, 0)
The problem
I have a page with a silverlight object. It attempts to retrieve XML from another (external cross domain) page. But I am struggling with a security exception.
I have this code working brilliantly in WPF.
When using a website hosting a silverlight application with the same code, the user agent string of the HttpRequest object is null (and seemingly cannot be set). In fact there is no header information at all - this causes a security exception when attempting to make my asynchronous call.
The question
Why is the user-agent string (and header information) null in my silverlight 4 application when making an asynchronous call using HttpWebRequest?
Thanks in advance!
sounds like you are might be hitting a cross domian issue
does your external xml have a clientaccesspolicy file or a crossdomain file on the site?
http://msdn.microsoft.com/en-us/library/cc197955(VS.95).aspx
Also what is the exception ? can you post.
Update:
OK, Have looked and run your code and yes it a crossdomian issue. The site "http://eu.wowarmory.com/" has a crossdomian file but only allow access from the sites listed in that file ? is you site one of those ? If not you are hitting crossdomain security. (WPF runs on the full CLR and so does not have these restrictions.)
There are options ...
-Silverlight 4 running in elevated trust is one - but that is OOB
-Doing it in Javascript and the passing the data into Silverlight
-Get you server to do the work for you i.e. proxy
-Get them to change the crossdomain file !
There are others it really depends on what you are trying to achieve overall? can you explain more ?
I'm trying to create a basic WCF Service and Silverlight client.
I've followed the following tutorial: http://channel9.msdn.com/shows/Endpoint/Endpoint-Screencasts-Creating-Your-First-WCF-Client/
Since Silverlight 4 was incompatible with the WSHttpBinding, I changed it to BasicHttpBinding.
Unfortunately I keep getting this error now: "An error occurred while trying to make a request to URI'**'.This could be due to attempting to access a service in a cross-domain way without a proper cross-domain policy in place, or a policy that is unsuitable for SOAP services. You may need to contact the owner of the service to publish a cross-domain policy file and to ensure it allows SOAP-related HTTP headers to be sent."
I placed clientaccesspolicy.xml in the root directory of the WCF project (which is in the same solution as the Silverlight client). This did not solve the problem.
What do I need to do?
I thnk this is duplicate question :
here are some links , see if any of them helps u :
link text
link text
link text