More discussions in Orion SDKWhere is this place located?
1 Reply Latest reply: Jan 19, 2012 2:24 PM by tdanner RSS

Credentials using Orian SDK

Paul-brett
Paul-brett Jan 16, 2012 8:59 AM
Currently Being Moderated

Hi

 

I am trying to write a client app that consumes the SWIS web service. I am trying to login to the web service but when I execute the QueryXML method it throws an Exception:

"Could not establish trust relationship for the SSL/TLS secure channel with authority 'solarwinds:17778'".

I am guessing the web service is not able to authenticate the user credentials I am providing.

I am setting the follwoing properties with no joy.

client.ClientCredentials.UserName.UserName = @"mydomain\username";
client.ClientCredentials.Windows.AllowNtlm = true;

client.ClientCredentials.Windows.AllowedImpersonationLevel = System.Security.Principal.TokenImpersonationLevel.Impersonation;

I was wondering if our administrators need to set my account up in Solarwinds differently or there is a configuration step being missed.

I have access to the Solarwinds dashboard via the browser without logging in but my nt account credentials are not working for the webservice.

 

Thanks

 

Paul

  • 147 Views
  • Re: Credentials using Orian SDK
    tdanner
    tdanner Jan 19, 2012 2:24 PM (in response to Paul-brett)
    Currently Being Moderated

    There are two things going on here.

    First: the "Could not establish trust relationship" error you are getting is because the certificate SWIS uses for HTTPS is intentionally not a valid certificate. It is self-signed rather than issued from a proper certificate authority like Verisign, and its common name is CN=SolarWinds-Orion instead of whatever the FQDN of your server is. You will need to bypass certificate validation with a line like:

     

    ServicePointManager.ServerCertificateValidationCallback = (sender, certificate, chain, errors) => true;

    In this mode, HTTPS provides confidentiality and replay protection, but not host authentication.

    Second: unfortunately at this time SWIS does not support authenticating Windows accounts over HTTPS. This is something we are looking at fixing in a future release. Until then, you will need to use non-Windows Orion accounts for this API.

Actions

More Like This

  • Retrieving data ...