Archive

Archive for February, 2016

Tricks to setting up WCF Service hosted on IIS

February 17th, 2016 No comments

The following is a short checklist of items to consider when trying to deploy a WCF Service to an IIS server.

These instructions are for a windows server box

  1. Ensure that you have the required level of .Net installed first
  2. Install the following roles – Application Server / Web Server and choose all the default options when prompted
  3. Check the ISAPI and CGI Restrictions and ensure .net framework 4.0.3 is installed and set to allowed
  4. If not you need to open a cmd window and go to c:\Windows\Microsoft.NET\Framework64\v4.0.30319\ and run “aspnet_regiis -i”
  5. My service writes to a log file. Make sure the user that runs the application pool for the website has write access to the folder where the log file will be written

If you need to set up HTTPS then do the following

  1. In IIS Manager on the entire server double-click Server Certificates
  2. Create Self Signed Certificate, give it a name
  3. Create a https binding on a port
VN:F [1.9.22_1171]
Rating: 7.0/10 (1 vote cast)

Categories: Uncategorized Tags:

X509Certificate object c# performance and memory issues alternative – fixed

February 17th, 2016 2 comments

The Problem

For my PatchCleaner product I needed the ability to read the digital certificate off a file, like can be seen on the following tab on the file properties window

msi

I want to read the digital certificate and obtain the contents of the “Subject” Field that is a string formated similarly to an Active Directory OU path.

CN=Microsoft Corporation, OU=MOPR, O=Microsoft Corporation, L=Redmond, S=Washington, C=US

The Issue

I originally used the X509Certificate and X509ertificate2 objects like so:

 var cert1 = new X509Certificate(_file);
 var cert2 = X509Certificate2.CreateFromSignedFile(_file);

Both of these worked but I noticed that when accessing the certificate on a large file (200+ Mb):

  1. It was very slow
  2. It seemed to use alot of memory

In fact on closer investigation it appears the X509Certificate reads the entire object into memory! I had a file of 800Mb that I opened with X509Certificate2.CreateFromSignedFile(_file), and the memory usage on my application increased by the same 800Mb before releasing once I had read the value!! Not cool!!

The Solution

 
Performance

This image shows a test application that attempts to read a 294mb patch file in 3 different ways, with a 1 sec sleep between calls:

  1. T1 – read the digital certificate by the X509 Certificate
  2. T2 – read the certificate via WinCrypt all content
  3. T3 – my soltuion via WinCrypt with just PK7 content

You can clearly see two large memory spikes for test 1 and 2, but test 3 doesn’t even register.

Below is a full c# code sample.

I based my solution on the following stack overflow article

Get timestamp from Authenticode Signed files in .NET

References

The only extra class you need to import is:

  • System.Secuirty

WinCrypt

This is a copy paste from the stack overflow article:

CertificateHelper

This is my static class that implements two method calls.

  1. GetDigitalCertificateSlow() -This is the version behind T2 above
  2. GetDigitalCertificate() – this is the one you want

These methods were based on the IsTimestamp code in the StackOverflow article, but I have manage to tweak slightly to get superior performance.

VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)

Categories: Uncategorized Tags:

Running WCF Service as both HTTP and HTTPS

February 16th, 2016 No comments

When trying to configure a WCF service to run as both a HTTP and HTTPS endpoint there are some differences to consider:

  1. HTTP uses SOAP 1.1
  2. HTTPS uses SOAP 1.2

This can cause issues with how your XML packets need to be generated with different SOAP Headers.

SSL Config

On the IIS Manager under the website there is a tile titled “SSL Settings”.
To run both HTTP and HTTPS ensure “Require SSL” is unticked

Web Config

If you want to allow people to generate a .wsdl file do not forget to set this in the web config in the service behaviours

<serviceMetadata httpGetEnabled="true" httpsGetEnabled="true" />
VN:F [1.9.22_1171]
Rating: 0.0/10 (0 votes cast)

Categories: Uncategorized Tags:

citrix receiver disable add account popup on startup

February 16th, 2016 3 comments

The problem

I recently installed CitrixReceiver 4.4 for windows (on 2 windows 10 pc’s) and now on start up I am always being asked to “Add Account”

The Solution

The solution that worked for me was from the Citrix website

How to Suppress the Add Account Window in Citrix Receiver for Windows

After reading this I found the solution that worked on my x64 bit windows 10, (so I assume will work on 32 bit) was to run this registry entry

  1. Create a text file
  2. Copy/Past the text into it
  3. Save
  4. change the file extension to .reg
  5. Double click and follow the prompts
Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Citrix]
"EnableX1FTU"=dword:00000000

The next time you start, no more Add Account window.

VN:F [1.9.22_1171]
Rating: 7.2/10 (6 votes cast)

Categories: Uncategorized Tags: