Re: Client Certificate not reaching server

From: NRao (NRao_at_discussions.microsoft.com)
Date: 10/12/04 

Date: Tue, 12 Oct 2004 12:07:08 -0700

Joe,

 Thanks for your reply. Now I am bit clear but you said ClientCertificates
authenicate local user. What does it mean? Clould you please elobarate. Why
we authenticate a localuser?

Also Web Server people provided me a certificate(.cer file). Is this is not
enough to attach it to httpwebrequest and on their server can not they check
whether Certificate is there? For me this is bit confusing. Could you please
elobarate or please point to me a right resouce.

Thank

NRao

"Joe Kaplan (MVP - ADSI)" wrote:

> In order to use a client certificate, you need a private key installed in a
> crypto store that the current process can access. Client certificates
> authenticate the local user, not the server, so the private key is needed.
>
> ..cer files don't contain private keys. Normally, you'd get a p12 or pfx
> file that you can import.
>
> Joe K.
>
> "NRao" <NRao@discussions.microsoft.com> wrote in message
> news:CBE0D3D0-CE78-4A3B-9EC7-F3CF85AD2C53@microsoft.com...
> > Hello Everbody,
> >
> > I have a class lib which is accessing a .aspx on web through
> > httpwebrequest
> > and sending xml through post method. Server people provided me a .cer
> > file. I
> > am adding that certificate file to httpwebrequest. But their side they do
> > not
> > find the certificate. I tried following ways
> >
> > 1) Convert the .cer file into binary
> >
> > 2) Imported the .cer file into Certificate store(localcomputer/current
> > user)
> > and exported the certificate into DER format .cer file and tried
> > CreateFromCertFile() method.
> >
> > Can anybody please point right way
> >
> > Also I have few questions.
> > 1) what preventing the certificate to reach server?
> > 2)I added the certificate to httpwebrequest and sent to my test site and
> > there I checked Request.ClientCertificate.IsPresent. But I always get
> > false.
> > Why So? Even if it is not valid certificate should present. right?
> >
>
>
>

Relevant Pages

  • Re: Flaws IIS6 with AD (2003) Cert Mapping
    ... authentication over https, then when they request a user cert, the CA fills ... the certificate in place of the username/password authentication. ... authenticate users, it's the Subject Alternative information with the UPN ...
    (microsoft.public.inetserver.iis.security)
  • Re: WLAN with WPA/Radius/Certificate on SBS2003
    ... One of the laptop you recently re-setup cannot authenticate to the WLAN. ... As you can indentify that on the CA the client computer has requested the certificate. ... I'd like know whether you can see the certificate on the problematic laptop the Certificate MMC. ...
    (microsoft.public.windows.server.sbs)
  • Re: Possible Security Flaw in Windows 2000
    ... IIS certificate mapping uses explicit name mapping to authenticate users. ... The certificate is issued to johndoe2. ...
    (microsoft.public.win2000.security)
  • Re: access denied - IS THERE a definitive solution????
    ... accounts were added while part of the domain... ... none of the local user ... The part that's really ticking off, though, is that I DO authenticate ... profile created. ...
    (microsoft.public.win32.programmer.wmi)
  • Re: access denied - IS THERE a definitive solution????
    ... none of the local user ... The part that's really ticking off, though, is that I DO authenticate ... profile created. ... I would test deleting the profile created for the user when in a workgroup, ...
    (microsoft.public.win32.programmer.wmi)
Loading