HttpWebRequest client certificate private key problem (VB.NET 2002)

From: Andreas Birgerson (andbir@removethis.sema.se)
Date: 02/26/03


How can I use the httpwebrequest functionality to post XML data over a
secure authenticated channel (https)?

I have a valid client certificate with a corresponding private key. The
certificate is in X.509 format (.CER) and the .cer file contains the private
key. I converted the .cer file to .pfx (PKCS#12) with the OpenSSL utility,
and this file I can import into the certificate store in the operating
system, where it shows up as valid and having a corresponding private key (the
.cer file, however, imports OK but does not import the private key).

After this, if I try to surf (IE) to the URL in question, I get a popup where
I can select my client cert from a list (only one item), and after selecting
it the request goes through OK.

The X509Certificate.CreateFromCertFile works well enough (no runtime error)
when used with the .CER file (X.509 format), but the SSL/TLS channel is not
established, I guess because the private key is never imported.
There seem to be no "events" of the HttpWebRequest that I can hook into to
interpret or log the progress as the connection is made.

The functions CreateFromSignedFile and CreateFromCertFile are extremely
poorly documented; it's the same in both the MSDN Jan 2003 library and MSDN
online.
If I try to import the .PFX file with the above functions, I get the runtime
error "The form specified for the subject is one not supported or known by the
specified trust provider" - I guess since the file is no longer in X.509
format.

Q1- What kind(s) of file(s) does CreateFromSignedFile accept? Is there
any more documentation about this?
Q2- Is there no way to use the certificates in the certificate store in the
OS for the HttpWebRequest.ClientCertificates?
Q3- Which function should I choose - CreateFromSignedFile or
CreateFromCertFile? What file format?
Q4- Why can a session not be established when I use
CreateFromCertFile("c:\rsvsvc\sema.cer")?
Q5- Web Services Enhancements 1.0 for Microsoft .NET seems only to be an
addition to ASP.NET, not to the SDK?

Dim myReq As HttpWebRequest = _
    WebRequest.Create("https://137.60.48.2:8443/servlets/DDServlet")
Dim mycert = New System.Security.Cryptography.X509Certificates.X509Certificate( _
    System.Security.Cryptography.X509Certificates.X509Certificate.CreateFromSignedFile("c:\rsvcom\sema.cer"))
'or use CreateFromCertFile("c:\rsvsvc\sema.cer") ??
myReq.ClientCertificates.Add(mycert)
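
One way to check whether a loaded certificate carries its private key before adding it to ClientCertificates. This is an added example, not code from the original post. It assumes .NET Framework 4.7.2 or later (X509Certificate2 and CertificateRequest are newer than the framework the post uses); the certificate, password, URL and the TryAttach helper are constructed for illustration.

```vbnet
Imports System
Imports System.Net
Imports System.Security.Cryptography
Imports System.Security.Cryptography.X509Certificates

Module ClientCertCheck
    ' Hypothetical helper: attach a client certificate only when its private
    ' key is available; TLS client authentication cannot complete without it.
    Function TryAttach(req As HttpWebRequest, cert As X509Certificate2) As Boolean
        If Not cert.HasPrivateKey Then Return False
        req.ClientCertificates.Add(cert)
        Return True
    End Function

    Sub Main()
        ' Constructed test material: a throwaway self-signed certificate.
        Using key As RSA = RSA.Create(2048)
            Dim csr As New CertificateRequest("CN=constructed-test-client", key, _
                HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1)
            Using full As X509Certificate2 = csr.CreateSelfSigned( _
                    DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1))
                ' Exporting as X509ContentType.Cert yields the public certificate only.
                Dim cerOnly As New X509Certificate2(full.Export(X509ContentType.Cert))
                ' Exporting as PKCS#12 yields the certificate plus its private key.
                Dim fromPfx As New X509Certificate2( _
                    full.Export(X509ContentType.Pfx, "constructed-password"), _
                    "constructed-password")

                ' Placeholder URL; the request object is built but never sent.
                Dim req As HttpWebRequest = CType( _
                    WebRequest.Create("https://client-auth.example.invalid/"), HttpWebRequest)

                Console.WriteLine("cer: HasPrivateKey={0}, attached={1}", _
                    cerOnly.HasPrivateKey, TryAttach(req, cerOnly))
                Console.WriteLine("pfx: HasPrivateKey={0}, attached={1}", _
                    fromPfx.HasPrivateKey, TryAttach(req, fromPfx))
                Console.WriteLine("certificates on request: {0}", _
                    req.ClientCertificates.Count)
            End Using
        End Using
    End Sub
End Module
```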


