tags:

views:

241

answers:

2

Unable to use HTTPS path in Assembly.LoadFrom.

Tried using TrustAllCertificatePolicy class too and it didn't work.

i have given fulltrust to server using caspol from the client machine. the same url works with ssl disabled. it does not work only for ssl enabled. please help...

The exception is:

System.IO.FileLoadException: Security problem encountered when connecting to URL for 'https://ip/tasks/tasks.dll'. File name: 'https://ip/tasks/tasks.dll'    
at System.Reflection.Assembly.nLoad(AssemblyName fileName, String codeBase, Evidence assemblySecurity,
     Assembly locationHint, StackCrawlMark& stackMark, Boolean throwOnFileNotFound, Boolean forIntrospection)    
at System.Reflection.Assembly.InternalLoad(AssemblyName assemblyRef, Evidence assemblySecurity, 
    StackCrawlMark& stackMark, Boolean forIntrospection)    
at System.Reflection.Assembly.InternalLoadFrom(String assemblyFile, Evidence securityEvidence, 
    Byte[] hashValue, AssemblyHashAlgorithm hashAlgorithm, Boolean forIntrospection, StackCrawlMark& stackMark)    
at System.Reflection.Assembly.LoadFrom(String assemblyFile, Evidence securityEvidence)    
    WRN: Assembly binding logging is turned OFF. To enable assembly bind failure logging, set the registry value 
    [HKLM\Software\Microsoft\Fusion!EnableLog] (DWORD) to 1. Note: There is some performance penalty associated 
    with assembly bind failure logging. To turn this feature off, remove the registry value 
    [HKLM\Software\Microsoft\Fusion!EnableLog].
A: 

Code Access Security will block execution of code from http and https locations into normal (full rights access).

You wll need to create a new AppDomain (and possibly remotable/serializable types to span the app domain boundary), with CAS settings in the AppDomain to run with the Internet permission set. This will avoid the downloaded code from modifying the local machine.

You could of course create a custom permission set to allow more access if you really trust the remote code (and everyone who can, or will be able to, modify it).

Richard
A: 

Hi Richard, tried using the appdomain, like this

  AppDomain.CurrentDomain.Evidence.AddHost(new System.Security.Policy.Zone(System.Security.SecurityZone.Internet));

            taskAssembly = Assembly.LoadFrom(taskDescription.AssemblyPath, AppDomain.CurrentDomain.Evidence);

and also tried using SecurityZone.Trust. But still having the same issue. Please help.