I have a Windows service that is sending data to a secure web page. This currently works fine in a console application run through Visual Studio 2010. I have been able to connect and send the data using this method.
The problem comes when I deploy and run the Windows service: I am now getting the following error: "The request was aborted: Could not create SSL/TLS secure channel."
This is the code I use to make the HTTP POST to the web page:
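    // Requires: System.IO, System.Net, System.Security.Cryptography.X509Certificates
    ServicePointManager.Expect100Continue = true;
    // Protocol versions offered in the handshake.
    ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Ssl3;
    // Accepts any server certificate: server certificate validation is disabled process-wide.
    ServicePointManager.ServerCertificateValidationCallback +=
        (sender, cert, chain, sslPolicyErrors) => true;

    HttpWebRequest request = (HttpWebRequest)WebRequest.Create(url);
    request.ContentType = "text/xml; encoding='utf-8'";
    request.Method = "POST";

    // Attach the client certificate before opening the request stream,
    // because GetRequestStream() is the call that opens the connection.
    X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
    store.Open(OpenFlags.ReadOnly);
    // Find() returns a collection, so it is added with AddRange().
    var certif = store.Certificates.Find(X509FindType.FindByThumbprint, "539B640BD981BFC48A366B8981B66F301C8A3959", false);
    request.ClientCertificates.AddRange(certif);
    store.Close();

    // Write the XML body and dispose the stream so the request is complete.
    using (Stream body = request.GetRequestStream())
    {
        doc.Save(body);
    }

    try
    {
        using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
        {
            if (response.StatusCode == HttpStatusCode.OK)
            {
                success = true;
            }
        }
    }
    catch (Exception ex)
    {
        error = ex.Message + " " + ex.InnerException;
    }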
I have checked the certificate store, and the correct certificate is in the trusted root of the Windows service. Is there another aspect of the TLS/SSL connection that is different from a Windows service? Any ideas people have would be greatly appreciated.
If anyone comes across similar behaviour, the problem arose because the Windows service didn't have sufficient permissions. It only worked on my local machine if the service was logged in as myself. It only worked on a separate server when the Windows service was logged in as an Administrator.
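A diagnostic for the situation described in this thread, added here as an example and not part of the original posts. It assumes the missing permission concerned the client certificate: `StoreLocation.CurrentUser` resolves to the store of whichever account the process runs as, and a private key has its own access control. The class name `ClientCertCheck` and the placeholder thumbprint are hypothetical.

```csharp
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Security.Principal;

// Added diagnostic (hypothetical class name): reports what the current account
// can see of a client certificate. Run it under the same account as the service.
static class ClientCertCheck
{
    static string Check(StoreLocation location, StoreName name, string thumbprint)
    {
        string where = location + "\\" + name;
        X509Store store = new X509Store(name, location);
        try
        {
            store.Open(OpenFlags.ReadOnly);
            X509Certificate2Collection found =
                store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            if (found.Count == 0) return where + ": certificate not found";
            if (!found[0].HasPrivateKey) return where + ": found, no private key attached";
            // Reading the key makes the provider open it under this account's permissions.
            AsymmetricAlgorithm key = found[0].PrivateKey;
            return where + ": found, private key opened (" + key.GetType().Name + ")";
        }
        catch (CryptographicException ex)
        {
            // Raised when the store cannot be opened or the key cannot be read by this account.
            return where + ": " + ex.Message.Trim();
        }
        finally
        {
            store.Close();
        }
    }

    static void Main(string[] args)
    {
        // Thumbprint comes from the command line; the default is a placeholder.
        string thumbprint = args.Length > 0 ? args[0] : "THUMBPRINT-PLACEHOLDER";
        Console.WriteLine("Running as: " + WindowsIdentity.GetCurrent().Name);
        foreach (StoreLocation location in new[] { StoreLocation.CurrentUser, StoreLocation.LocalMachine })
            foreach (StoreName name in new[] { StoreName.My, StoreName.Root })
                Console.WriteLine(Check(location, name, thumbprint));
    }
}
```

Comparing the output from an interactive login with the output under the service account shows which store or key the service account cannot reach, which allows a narrower fix than running the service as an Administrator.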