Re: using p12 Certificate - converting to x509 What am I doing wrong?

From: Michel Gallant (MVP) (neutron@istar.ca)
Date: 02/14/03

• Next message: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• Previous message: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• In reply to: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• Next in thread: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• Reply: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Thu, 13 Feb 2003 21:27:56 -0500
From: "Michel Gallant (MVP)" <neutron@istar.ca>

ahhh, ok I see what you are trying to do now.
This probably isn't the problem, but .net currently only supports binary DER
format (and not base64 encoded der) , as discussed here:
   http://pages.istar.ca/~neutron/dotnet/certinfo/
Probably not an issue, since this would have caused an exceptio.

Let me check this out ...

 - Mitch

RP wrote:

> Mitch, their staff sent it to me in .pfx format for me to import password
> protected. So, I imported it and then re-exported to .cer. Yes their server
> is ssl protected and requires client authentication. I can browse to the url
> fine in IE. It brings up a dialog box, I select the certificate and i can
> get to the page.
>
> The problem is in code. Here is my code:
>
> Dim h as httpwebrequest
> h = Ctype(WebRequest.Create(strurl), httpwebrequest)
> Dim mycert as X509Certificate =
> X509Certificate.CreateFromCertFile("c:\mycert.cer")
> h.clientcertificates.add(mycert)
> rem response.write(h.clientcertificates.count) - gives 1
>
> h.contenttype = "text/xml"
> h.method = "GET"
>
> Dim hr as httpwebresponse = Ctype(h.getresponse(), httpwebresponse)
> Dim s2 as stream = hr.getresponsestream()
> Dim sr as new streamreader(s2)
> returnstr = sr.readtoend()
> sr.close()
>
> I suspected that the request that was being submitted wasnt sending the
> cert. So i wrote a small aspx page that checked for the certificate on
> tested it against a local website requiring client authentication and I was
> correct! no cert is being sent in the request.
>
> what am i doing wrong?
>
> thanks for your help,
> Param
>
> "Michel Gallant (MVP)" <neutron@istar.ca> wrote in message
> news:3E4C417F.6960EF95@istar.ca...
> > What is this server? why is it requesting a client certificate? if it is
> an SSL
> > client authentication, your public certificate presentation should be
> fully
> > automatic. You should not have to manually export anything. You NEVER
> > export to a p12 (pfx) except to locally back up your private/public key in
> > a secure container.
> > - Mitch
> >
> >
> > RP wrote:
> >
> > > Hi I am facing the same problem. I received a .pfx file which I imported
> > > into my cert store. Now it only gives me the option to export the
> certifcate
> > > as a DER encoded CER, if I select the option not to export the private
> key.
> > > If i do it without exporting the private key then my code which is doing
> a
> > > post to the server comes back with 403 error.
> > >
> > > what is going on?
> > >
> > > "Michel Gallant (MVP)" <neutron@istar.ca> wrote in message
> > > news:3E487D32.4D960BE0@istar.ca...
> > > > see also:
> > > > http://pages.istar.ca/~neutron/dotnet/certinfo
> > > > - Mitch
> > > >
> > > > "news.microsoft.com" wrote:
> > > >
> > > > > Well .looks like I wasted two weeks on p12 and trying to use this
> > > library
> > > > > which I dont think the conversion works anyway. All I had to do
> was go
> > > to
> > > > > the certificate manager export it to DES type. and use the built
> in
> > > > > libraries. GRR
> > > > >
> > > > > "news.microsoft.com" <mike@kearl.net> wrote in message
> > > > > news:eEMQyLA0CHA.2288@TK2MSFTNGP09...
> > > > > > I am trying to use a p12 certificate to access a secure site. I
> am
> > > using
> > > > > > the library found at
> http://mentalis.org/soft/projects/certificates/
> > > > > >
> > > > > > I am loading in the certificate then converting it to a x509 cert.
> I
> > > am
> > > > > > getting an error saying that a trusted relationship could not be
> > > > > > established. What am I missing? is there something I have to do
> in
> > > order
> > > > > > to acknowledge the certificate once I make the Web Request?? Any
> help
> > > or
> > > > > > ideas would be greatly appreciated.
> > > > > >
> > > > > > this is my sourccode that I am using......
> > > > > >
> > > > > >
> > > > > > this.req =
> > > > > >
> > > > >
> > >
> (HttpWebRequest)WebRequest.Create("https://test.transunionnetaccess.com:3018
> > > > > > ?ping");
> > > > > > try
> > > > > > {
> > > > > > //Loads the p12 certificate from the file
> > > > > > Org.Mentalis.Security.Certificates.Certificate cert=
> > > > > >
> > >
> Org.Mentalis.Security.Certificates.Certificate.CreateFromPfxFile(@"C:\TUNA
> > > > > > Test Client Cert.p12","password");
> > > > > > //Converts the p12 certificate to an x509 certificate.
> > > > > >
> > > > > > X509Certificate cert2 = cert.ToX509();
> > > > > > WebClient c = new WebClient();
> > > > > > this.req.ClientCertificates.Add(cert2);
> > > > > > WebResponse result = req.GetResponse();
> > > > > >
> > > > > >
> > > > > > Stream strm = result.GetResponseStream();
> > > > > > byte[] buffer = new byte[1024];
> > > > > > int len = 0;
> > > > > > do
> > > > > > {
> > > > > > try
> > > > > > {
> > > > > > len = strm.Read(buffer, 0, 1024);
> > > > > > this.textBox1.Text +=
> > > System.Text.Encoding.ASCII.GetString(buffer, 0,
> > > > > > len); }
> > > > > > catch {}
> > > > > > }
> > > > > > while(len > 0); strm.Close();
> > > > > > }
> > > > > > catch (System.Exception ex)
> > > > > > {
> > > > > > Console.WriteLine(ex);
> > > > > > }
> > > > > >
> > > > > >
> > > > > >
> > > >
> >

---

• Next message: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• Previous message: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• In reply to: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• Next in thread: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• Reply: RP: "Re: using p12 Certificate - converting to x509 What am I doing wrong?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: using p12 Certificate - converting to x509 What am I doing wrong? ... their staff sent it to me in .pfx format for me to import password ... Dim h as httpwebrequest ... So i wrote a small aspx page that checked for the certificate on ... (microsoft.public.dotnet.security) exception using HTTPWebRequest with SSL ... I'm using the HTTPWebRequest class to connect to a web site with SSL. ... and then use the X509Certificate class to add the certificate to ... How do I install the certificate in the LOCAL_MACHINE hive instead of the ... Dim myHttpWebRequest As HttpWebRequest ... (microsoft.public.dotnet.languages.vb) Re: HTTPS Posting Help needed ... than the X509Certificate.CreateFromSignedFile method to read the certificate ... from your .cer file? ... > Dim data As Byte= encoding.GetBytes ... > HttpWebRequest) ... (microsoft.public.dotnet.security) x509 cert not being submitted ... I am trying to attach a certificate to a httpwebrequest and send it. ... Dim h as httpwebrequest ... (microsoft.public.dotnet.security) Re: Getting 403 Forbidden error. Client Cert didnt sent ... What I tried to do is to attach a client certificate and post an XML ... Dim oWebRequest As Net.HttpWebRequest ... Dim oWebResponse As Net.HttpWebResponse ... Dim txtResponse As String ... (microsoft.public.dotnet.framework.aspnet.security)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(11)