Changeset 16692 for branches/2521_ProblemRefactoring/HeuristicLab.Clients.Common/3.3/ClientFactory.cs

Timestamp:

03/18/19 17:24:30 (6 years ago)

Author:

abeham

Message:

#2521: merged trunk changes up to r15681 into branch (removal of trunk/sources)

Location:

branches/2521_ProblemRefactoring

Files:

• . (modified) (2 props)
• HeuristicLab.Clients.Common/3.3/ClientFactory.cs (modified) (4 diffs)

branches/2521_ProblemRefactoring

@@ -24 +24 @@
 protoc.exe
 obj
+.vs

@@ -24 +24 @@
 protoc.exe
 obj
+.vs

branches/2521_ProblemRefactoring/HeuristicLab.Clients.Common/3.3/ClientFactory.cs

@@ -1 +1 @@
 #region License Information
 /* HeuristicLab
- * Copyright (C) 2002-2015 Heuristic and Evolutionary Algorithms Laboratory (HEAL)
+ * Copyright (C) 2002-2018 Heuristic and Evolutionary Algorithms Laboratory (HEAL)
  *
  * This file is part of HeuristicLab.
@@ -21 +21 @@
 
 using System;
+using System.Security.Cryptography.X509Certificates;
 using System.ServiceModel;
 using System.ServiceModel.Description;
+using System.ServiceModel.Security;
 using HeuristicLab.Clients.Common.Properties;
 
@@ -59 +61 @@
       client.ClientCredentials.UserName.UserName = userName;
       client.ClientCredentials.UserName.Password = password;
-      client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
+      client.ClientCredentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;
+
+      // we (jkarder + abeham) have disabled the revocation check for now
+      // the certificate requires OCSP instead of CRL for revocation checks, but the OCSP check fails
+      // we currently don't know why this is the case, because we observed a valid OCSP request/response using wireshark
+      client.ClientCredentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
       return client;
     }
@@ -83 +90 @@
       channelFactory.Credentials.UserName.UserName = userName;
       channelFactory.Credentials.UserName.Password = password;
-      channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = System.ServiceModel.Security.X509CertificateValidationMode.None;
+      channelFactory.Credentials.ServiceCertificate.Authentication.CertificateValidationMode = X509CertificateValidationMode.ChainTrust;
+
+      // we (jkarder + abeham) have disabled the revocation check for now
+      // the certificate requires OCSP instead of CRL for revocation checks, but the OCSP check fails
+      // we currently don't know why this is the case, because we observed a valid OCSP request/response using wireshark
+      channelFactory.Credentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;
       return channelFactory;
     }

@@ -24 +24 @@
 protoc.exe
 obj
+.vs