I am using silverlight 4 application, in two scenarios.
Scenario 1: Silverlight and RPC on same machine
-
Being run hosted on a web page on the file system, silverlight XAP is also on the file system:
C:\Silverlight\FSSilverlightApp\bin\Debug\SilverlightApplication2TestPage.html -
Connecting to a web site on localhost, being accessed:
https://localhost/rpc/someMethod -
These are two separate URI’s so the browser detects and immediately requests (track via fiddler):
https://lcoalhost/clientaccesspolicy.xmlsucessfully returns:
<?xml version="1.0" encoding="utf-8"?> <access-policy> <cross-domain-access> <policy> <allow-from http-request-headers="*"> <domain uri="http://*"/> <domain uri="https://*" /> </allow-from> <grant-to> <resource path="/" include-subpaths="true"/> </grant-to> </policy> </cross-domain-access> </access-policy> -
The application is then able to make the rpc requests (observed via fiddler)
Everything is fine. If i change the remote host to the local machine name instead of localhost, that works fine as well.
Scenario 2: Silverlight on local machine and RPC is remote
- In this scenario, I am using a different desktop to access the same RPC server used in scenario 1.
- Silverlight starts up, and no request to: clientaccesspolicy.xml is made
- Fiddler shows a ton of https tunnels being established, but no commuinication between my machine and the remote server.
The following security exception is returned:
System.Security.SecurityException ---> System.Security.SecurityException: Security error.
at System.Net.Browser.ClientHttpWebRequest.InternalEndGetResponse(IAsyncResultasyncResult)
at System.Net.Browser.ClientHttpWebRequest.<>c__DisplayClass5.<EndGetResponse>b__4(ObjectsendState)
at System.Net.Browser.AsyncHelper.<>c__DisplayClass2.<BeginOnUI>b__0(Object sendState)
--- End of inner exception stack trace ---
at Microsoft.FSharp.Control.WebExtensions.AsyncGetResponse@1781-1.Invoke(Exception _arg1023)
at Microsoft.FSharp.Control.AsyncBuilderImpl.callA@736.Invoke(AsyncParams`1 args)
I assume this is an IE configuration issue. I tried setting the machine in scenario 1, as a trusted site inside of internet explorer and that didn’t seem to work… This must be a self signed or mismatched certificate issue. Any thoughts?
Using: IE 8 and Windows 7
Thoughts?
I used Fiddler to sit in between the sliverlight client and the server. IN order to get that to work properly I needed to export the fiddler certificate (tools\fiddlerOptions\https) and install it locally as the root certificate authority.