Re: using p12 Certificate - converting to x509 What am I doing wrong?
From: RP (rp@nospam.com)
Date: 02/14/03
- Next message: Michel Gallant (MVP): "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
- Previous message: Shan McArthur: "How to get domain\username (NT account) from a DirectoryEntry object of user?"
- In reply to: Michel Gallant (MVP): "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
- Next in thread: Michel Gallant (MVP): "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
- Reply: Michel Gallant (MVP): "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "RP" <rp@nospam.com> Date: Thu, 13 Feb 2003 20:57:44 -0500
Mitch, their staff sent it to me in .pfx format for me to import password
protected. So, I imported it and then re-exported to .cer. Yes their server
is ssl protected and requires client authentication. I can browse to the url
fine in IE. It brings up a dialog box, I select the certificate and i can
get to the page.
The problem is in code. Here is my code:
Dim h as httpwebrequest
h = Ctype(WebRequest.Create(strurl), httpwebrequest)
Dim mycert as X509Certificate =
X509Certificate.CreateFromCertFile("c:\mycert.cer")
h.clientcertificates.add(mycert)
rem response.write(h.clientcertificates.count) - gives 1
h.contenttype = "text/xml"
h.method = "GET"
Dim hr as httpwebresponse = Ctype(h.getresponse(), httpwebresponse)
Dim s2 as stream = hr.getresponsestream()
Dim sr as new streamreader(s2)
returnstr = sr.readtoend()
sr.close()
I suspected that the request that was being submitted wasnt sending the
cert. So i wrote a small aspx page that checked for the certificate on
tested it against a local website requiring client authentication and I was
correct! no cert is being sent in the request.
what am i doing wrong?
thanks for your help,
Param
"Michel Gallant (MVP)" <neutron@istar.ca> wrote in message
news:3E4C417F.6960EF95@istar.ca...
> What is this server? why is it requesting a client certificate? if it is
an SSL
> client authentication, your public certificate presentation should be
fully
> automatic. You should not have to manually export anything. You NEVER
> export to a p12 (pfx) except to locally back up your private/public key in
> a secure container.
> - Mitch
>
>
> RP wrote:
>
> > Hi I am facing the same problem. I received a .pfx file which I imported
> > into my cert store. Now it only gives me the option to export the
certifcate
> > as a DER encoded CER, if I select the option not to export the private
key.
> > If i do it without exporting the private key then my code which is doing
a
> > post to the server comes back with 403 error.
> >
> > what is going on?
> >
> > "Michel Gallant (MVP)" <neutron@istar.ca> wrote in message
> > news:3E487D32.4D960BE0@istar.ca...
> > > see also:
> > > http://pages.istar.ca/~neutron/dotnet/certinfo
> > > - Mitch
> > >
> > > "news.microsoft.com" wrote:
> > >
> > > > Well .looks like I wasted two weeks on p12 and trying to use this
> > library
> > > > which I dont think the conversion works anyway. All I had to do
was go
> > to
> > > > the certificate manager export it to DES type. and use the built
in
> > > > libraries. GRR
> > > >
> > > > "news.microsoft.com" <mike@kearl.net> wrote in message
> > > > news:eEMQyLA0CHA.2288@TK2MSFTNGP09...
> > > > > I am trying to use a p12 certificate to access a secure site. I
am
> > using
> > > > > the library found at
http://mentalis.org/soft/projects/certificates/
> > > > >
> > > > > I am loading in the certificate then converting it to a x509 cert.
I
> > am
> > > > > getting an error saying that a trusted relationship could not be
> > > > > established. What am I missing? is there something I have to do
in
> > order
> > > > > to acknowledge the certificate once I make the Web Request?? Any
help
> > or
> > > > > ideas would be greatly appreciated.
> > > > >
> > > > > this is my sourccode that I am using......
> > > > >
> > > > >
> > > > > this.req =
> > > > >
> > > >
> >
(HttpWebRequest)WebRequest.Create("https://test.transunionnetaccess.com:3018
> > > > > ?ping");
> > > > > try
> > > > > {
> > > > > //Loads the p12 certificate from the file
> > > > > Org.Mentalis.Security.Certificates.Certificate cert=
> > > > >
> >
Org.Mentalis.Security.Certificates.Certificate.CreateFromPfxFile(@"C:\TUNA
> > > > > Test Client Cert.p12","password");
> > > > > //Converts the p12 certificate to an x509 certificate.
> > > > >
> > > > > X509Certificate cert2 = cert.ToX509();
> > > > > WebClient c = new WebClient();
> > > > > this.req.ClientCertificates.Add(cert2);
> > > > > WebResponse result = req.GetResponse();
> > > > >
> > > > >
> > > > > Stream strm = result.GetResponseStream();
> > > > > byte[] buffer = new byte[1024];
> > > > > int len = 0;
> > > > > do
> > > > > {
> > > > > try
> > > > > {
> > > > > len = strm.Read(buffer, 0, 1024);
> > > > > this.textBox1.Text +=
> > System.Text.Encoding.ASCII.GetString(buffer, 0,
> > > > > len); }
> > > > > catch {}
> > > > > }
> > > > > while(len > 0); strm.Close();
> > > > > }
> > > > > catch (System.Exception ex)
> > > > > {
> > > > > Console.WriteLine(ex);
> > > > > }
> > > > >
> > > > >
> > > > >
> > >
>
- Next message: Michel Gallant (MVP): "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
- Previous message: Shan McArthur: "How to get domain\username (NT account) from a DirectoryEntry object of user?"
- In reply to: Michel Gallant (MVP): "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
- Next in thread: Michel Gallant (MVP): "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
- Reply: Michel Gallant (MVP): "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
