Working with SSL

Last updated
Save as PDF

Working with SSL

You may or may not need this code. You do not need it for real-world clients because the iWeb server requires clients to use SSL. You may need this code if find yourself testing against a test server that does not have signed and provisioned SSL key.

When using SSL connections, oftentimes the SSL key needs to be certified by a third party, not the client or the server. The third party issues a certificate saying that the SSL key given by the server is valid.

If this certificate is not signed, you have the option of trusting it or not. Often you will see a browser warn you that the certificate is not signed. You can choose yes or no. We need to give the client application the chance to choose yes or no. You will need the following code:

using System.Security.Cryptography.X509Certificates;

using System.Net;

public class MyPolicy : ICertificatePolicy

{

public bool CheckValidationResult(

ServicePoint srvPoint,

X509Certificate certificate,

WebRequest request,

int certificateProblem) {

return true;

}

What we're doing is defining our own certificate policy. This policy shown above simply accepts all certificates, signed or unsigned, because it returns true. You may change the code so that it examines the certificate and makes a different choice. Now that we've defined a policy, we have to use it. You'll need this code somewhere in your client:

MyPolicy mypolicy = new MyPolicy();

System.Net.ServicePointManager.CertificatePolicy = mypolicy;

This needs only be done once overall, not once per client request. This code should now successfully insert the Username token into the request, and send it to the server. If all is correct, the request will be accepted.