SOAP and certificate authorization

Question

I need to use web-service based on SOAP and WSDL. SOAP (https) use login, password and certificate to auth. Example on PHP:

<?
...
$client->authtype = 'certificate';
$client->decode_utf8 = 0;
$client->soap_defencoding = 'UTF-8';
$client->certRequest['sslcertfile'] = 'path_to_cert.crt';
$client->certRequest['sslkeyfile'] = 'path_to_private.key';
$client->certRequest['cainfofile'] = 'path_to_cacert.pem';
$client->call("method");
...
?>

How can i do that on c#? I add Service Reference in VS2008 and try this:

var ya = new YAPI.APIPortClient();
ya.Open();
ya.PingAPI();

Catch exception:

Could not establish trust relationship for the SSL/TLS secure channel with authority 'service url'.

Try this:

var ya = new YAPI.APIPortClient();
ya.ClientCredentials.UserName.UserName = "login";
ya.ClientCredentials.UserName.Password = "pass";
ya.ClientCredentials.ClientCertificate.Certificate = new X509Certificate2(@"path_to_cert.crt");
ya.Open();
ya.PingAPI();

and catch same exception. What i need to do to pass authorization? Thanks for answers. Sorry for bad english :)

Answer 1

If you don't need username and password, you shouldn't be setting it - perhaps it won't use the client certificate if a password is set.

For the certificate itself, make sure it contains a private key, i.e. is a PKCS12 file which has the private key embedded.