Bug 60389 - Certificate Based Authentication with WCF: Client Certificate not sent
Summary: Certificate Based Authentication with WCF: Client Certificate not sent
Status: CONFIRMED
Alias: None
Product: iOS
Classification: Xamarin
Component: General ()
Version: XI 11.4 (d15-5)
Hardware: PC Windows
: --- normal
Target Milestone: Future Cycle (TBD)
Assignee: Bugzilla
URL:
Depends on:
Blocks:
 
Reported: 2017-10-26 13:39 UTC by johann.wolf
Modified: 2017-10-30 16:00 UTC (History)
2 users (show)

Tags:
Is this bug a regression?: ---
Last known good build:


Attachments
test solutions, docker configs (695.21 KB, application/x-zip-compressed)
2017-10-26 13:39 UTC, johann.wolf
Details


Notice (2018-05-24): bugzilla.xamarin.com is now in read-only mode.

Please join us on Visual Studio Developer Community and in the Xamarin and Mono organizations on GitHub to continue tracking issues. Bugzilla will remain available for reference in read-only mode. We will continue to work on open Bugzilla bugs, copy them to the new locations as needed for follow-up, and add the new items under Related Links.

Our sincere thanks to everyone who has contributed on this bug tracker over the years. Thanks also for your understanding as we make these adjustments and improvements for the future.


Please create a new report for Bug 60389 on Developer Community or GitHub if you have new information to add and do not yet see a matching new report.

If the latest results still closely match this report, you can use the original description:

  • Export the original title and description: Developer Community HTML or GitHub Markdown
  • Copy the title and description into the new report. Adjust them to be up-to-date if needed.
  • Add your new information.

In special cases on GitHub you might also want the comments: GitHub Markdown with public comments

Related Links:
Status:
CONFIRMED

Description johann.wolf 2017-10-26 13:39:52 UTC
Created attachment 25464 [details]
test solutions, docker configs

When a server ask for a client certificate, Xamarin iOS apps that use WCF for communication don't send the configured client certificate.

Attached is an example with a WPF and an iOS app, which have basically the same code with the big difference that during execution the WPF app sends its client certificate while the iOS app doesn't. (this can be seen in both the server message as well as when analyzing the packages in Wireshark)

To get the two solutions working you need to:
- setup a server that enforces certificate based authentication (e.g. with docker, configs attached), together with the necessary certificates
- update the client certificate in the solution (WPF: adjust path, iOS: add as resource)
- adjust the endpoint address to the server
- if necessary, trust all server certificates (ServerCertificateValidationCallback)
Comment 1 Timothy Risi 2017-10-30 16:00:43 UTC
This looks like a limitation of WCF with Xamarin.iOS.  Xamarin.iOS only supports a sub-set of WCF.  Per https://developer.xamarin.com/guides/cross-platform/application_fundamentals/web_services/#Windows_Communication_Foundation_WCF, "In general, the Xamarin platform supports the same client-side subset of WCF that ships with the Silverlight runtime."

Certificate-based authentication does not appear to be part of that support.  We'll try to review this issue in the future but to get you unblocked I would suggest creating a REST service on top of the WCF service and accessing it that way from iOS.