Re: HttpWebRequest and SSL client certs in the 'Local Computer' store
From: dsergovic (dsergovic.16xqy1_at_mail.mcse.ms)
Date: 05/27/04
- Previous message: Alek Davis: "Re: Encrypting connection strings in .Net"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Thu, 27 May 2004 12:05:52 -0500
Hari,
I'm having a similar problem using HttpWebRequest and a client
certificate. I know the cert is on the machine properly b/c when I go
to my https URL I get a formatted error response from the server (so I
know I'm reaching them and they are processing the request.)
Have you had any luck since you posted this?
Dave
Hari wrote:
> *Hi,
>
> I am using the .NET faremework 1.1 (v1.1.4322). I have a web service
> client that does not use WSE 2.0 but uses HttpWebRequest directly.
> The web service itself requires SSL client auth.
>
> Setup:
> STEP 1: I imported the SSL server cert into the 'Trusted Rooot CAs'
> store of the Local Computer (thru the mmc).
> STEP 2: I imported the SSL client cert into the 'Personal' store of
> the Local Computer (thru the mmc).
> STEP 3: I exported the client cert (without exporting the private
> keys) into a DER encoded .CER file.
>
> Code:
> 1: I used X509Certificate.CreateFromCertFile() to create a
> X509Certificate object from the .CER file created in STEP 3 above.
> 2: I added this cert to the HttpWebRequest using
> httpRequest.ClientCertificates.Add(cert);
>
>
> However the cert is not being sent to the web service.
>
> No, if in STEP 2, I import the SSL client cert into the 'Personal'
> store of the Current User (and remove it from the the 'Personal'
> store of the Local Computer), then eveything works fine and the
> client cert is successfully sent to the web service (note:
> the server cert is still in the Local Computer store).
>
> The reason I need the client and server certs in the Local Computer
> stores is because I need to put this client into an ASP.NET web
> page.
>
> I had read somewhere that the problem of HttpWebRequest not looking
> for certs in the Local Computer stores was fixed in the latest
> release of the .NET framework.
>
> Am I missing something or does HttpWebRequest look into Local
> Computer only for the server cert and not to pickup the client
> certs?
>
> Thanks,
> Hari *
-- dsergovic ------------------------------------------------------------------------ Posted via http://www.mcse.ms ------------------------------------------------------------------------ View this thread: http://www.mcse.ms/message516284.html
- Previous message: Alek Davis: "Re: Encrypting connection strings in .Net"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
