1

Hey guys I'm trying to write an AXL-client (SOAP) for the Cisco Unified Communications Manager. For that purpose I need to establish an ssl-connection to the AXL-service. Unfortunatly I dont know much about all that ssl-stuff.

However I was able to find a working Java-example, that does, what I want. The problem is, i need that in C#.NET. So I'm hoping, that someone could "translate" the following Java-code in a C#-version. But it has to do exactly the same, espacially the authentication and certificate-stuff.

Here is the code:

    String sAXLSOAPRequest = "...";
    byte[] bArray = null; // buffer for reading response from
    Socket socket = null; // socket to AXL server
    OutputStream out = null; // output stream to server
    InputStream in = null; // input stream from server

    X509TrustManager xtm = new MyTrustManager();
    TrustManager[] mytm = { xtm };
    SSLContext ctx = SSLContext.getInstance("SSL");
    ctx.init(null, mytm, null);
    SSLSocketFactory sslFact = (SSLSocketFactory) ctx.getSocketFactory();

    socket = (SSLSocket) sslFact.createSocket("192.168.1.100", Integer.parseInt("8443"));
    in = socket.getInputStream();
    // send the request to the server
    // read the response from the server
    StringBuffer sb = new StringBuffer(2048);
    bArray = new byte[2048];
    int ch = 0;
    int sum = 0;
    out = socket.getOutputStream();
    out.write(sAXLSOAPRequest.getBytes());

    while ((ch = in.read(bArray)) != -1) {
        sum += ch;
        sb.append(new String(bArray, 0, ch));
    }
    socket.close();
    // output the response to the standard output
    System.out.println(sb.toString());

and this is the MyTrustManager-Class:

public class MyTrustManager implements X509TrustManager {
MyTrustManager() {
    // create/load keystore
}

public void checkClientTrusted(X509Certificate chain[], String authType)
        throws CertificateException {
}

public void checkServerTrusted(X509Certificate chain[], String authType)
        throws CertificateException {
}

public X509Certificate[] getAcceptedIssuers() {
    return null;
}

}

Any help would be appreciated.

Thanks

edit: sorry i should have mentioned: youre right i can generate a proxy-class, but sadly its not working properly. cisco did a really bad job with that (not to mention the really bad documentation). the proxy class throws some xml-errors when parsing some responses. so i have to do it manually for that cases...

i'll worry about the certificate security later

Improve this question
4
  • 1
    If I'm reading that code correctly, it doesn't actually check the validity of the certificates in question, providing near zero security value. I wouldn't bother with that code any more, instead find a good C# TLS tutorial or API reference and go from there... Commented May 31, 2012 at 21:40
  • 1
    I don't know C# and .net, but you shouldn't have to go so low level. There should be some kind of Web Services / SOAP library that you can use, that will take care of the connection details, given the URL. Typically, you use a tool to parse the WSDL file for the SOAP service, and that writes all the code to access the service and encode/decode the data. For example, check out this other question Commented May 31, 2012 at 21:42
  • sorry i should have mentioned: youre right i can generate a proxy-class, but sadly its not working properly. cisco did a really bad job with that (not to mention the really bad documentation). the proxy class throws some xml-errors when parsing some responses. so i have to do it manually for that cases... Commented Jun 1, 2012 at 5:09
  • There's no handy built-in SSL class in .NET. You can use SSLSocket class in our SecureBlackbox product (see eldos.com/sbb/net-ssl.php for details) which has the API similar to .NET Socket class and provides transparent SSL/TLS support. Commented Jun 1, 2012 at 5:44

1 Answer 1

Reset to default
4

Have you tried consuming the web service the "proper" way? Add a SOAP web service reference to your C# project in Visual Studio, gets the stubs etc? That's the easiest way of doing it from C#. You can just specify a https protocol in the URL when you add the reference.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

That is not the same as using the wsdl, is it? How would I do that? Could you tell me how to start trying this, or are there some good sources you could recommend?
Yes, it is the same as using WSDL. You add a web reference to your project and enter URL of the WSDL. It generates classes that you can use in your project.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.