SSL/TLS – Decrypt the encrypted network traces

Ask: As we know, SSL/TLS traffic is encrypted using symmetric keys created during the SSL/TLS handshake. Many a time we might need to decrypt this traffic to observe the request/response packets or client certificates being sent. Tools needed to decrypt the traffic: 1. Network Monitor 3.4 – https://www.microsoft.com/en-in/download/details.aspx?id=4865 2. NMDecrypt 2.3.4 – https://nmdecrypt.codeplex.com/ 3. Server Certificate…


SSL/TLS – Introduction To CAPI2 Traces

Introduction: CAPI2 traces are part of the Windows OS and can be enabled from the Event Viewer. They are very useful when we deal with SSL/TLS connectivity or client certificate validation issues. To enable: 1. Open Event Viewer 2. Navigate to Applications and Services Logs -> Microsoft -> Windows -> CAPI2 3. Now, remember that this utility captures all…


WCF: Mutual SSL Client Cert Authentication Guide With Sample App

Issue: Challenges when using SSL mutual authentication with client certificates for a WCF service hosted on IIS. …


WIF: Long live My Session – Session Authentication Module To Avoid STS Redirect

Issue: The SAML token validity time set via a custom STS is short (5 minutes), and we want to make sure NOT to redirect the user every 5 minutes to get a new SAML token. Default STS: When we use the out-of-box LocalSTS.exe to create a test STS, the default token validity time…


WCF/WIF: JWT Token Validator

Issue: Client -> JWT Token -> REST Service -> SOAP Service. Steps: 1. User calls the REST Web Service (Web API Service) 2. Web API service redirects the client to STS (Token Manager), after presenting the correct credentials. User gets the JWT token. 3. Now Web API makes the call to WCF SOAP Service…


WCF: POC for SAML Token Creation and Consumption

Agenda: We will understand how we can create a custom SAML token from code and how it can be used to test against a WCF service. Importance: This comes in handy when we need to work on interop scenarios and handle the SAML tokens received from Java clients…


WCF: Life behind SSL Offloader

WCF: Exposing and consuming a WCF service behind an SSL offloader. Problem Statement: The service's external address looks correct over HTTPS; however, the metadata location points to the HTTP endpoint. Host headers are corrected with the use of <useRequestHeadersForMetadataAddress/>, no machine name, but the metadata location on the service page is pointing to HTTP…


WCF: How to send two different client certificates as credentials at both Transport and Message Level

Requirement: Transport Security Details: A secure transport layer via mutually authenticated SSL/TLS (MASSL) is required. Mutually authenticated SSL requires the use of a client certificate to be provided to the server and validated by the server. If a…


WCF: Review System.Net and Network traces for Windows Authentication/Delegation based troubleshooting

System.Net traces: <?xml version="1.0" encoding="utf-8" ?> <configuration> <system.diagnostics> <trace autoflush="true" /> <sources> <source name="System.Net"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.HttpListener"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.Sockets"> <listeners> <add name="System.Net"/> </listeners> </source> <source name="System.Net.Cache"> <listeners> <add name="System.Net"/> </listeners> </source> </sources> <sharedListeners> <add…
