Re: Storing Client Certificates
Date: Wed, 23 Mar 2005 11:01:02 -0800
If someone hacked into the client machine and found the client cert they
could send form posts and/or files over to our server. So I wanted to "hide"
the client cert so noone but my app either knows where it is or can get to it.
"Dominick Baier [DevelopMentor]" wrote:
> Hello Todd,
> certs are no secret - a public key bundled with some extra info - why are
> you concerned with security?
> Dominick Baier - DevelopMentor
> > Is there a way in .Net to specify that an embedded resource can only
> > be accessed from within the assembly?
> > Or, in general, what is the best/most secure way of storing a
> > client-side cert without having to have a user profile?
> > Thanks,
> > Todd
- Re: stunnel, OpenSSL, certificates, etc. [was: SMTP server or "forwarding"?]
... Is there a way to find a server that might be there but I ... >> how the ssl stuff works. ... Does the client need to have the certificate ... client must have a client cert to connect? ...
- Re: CA and IIS
... In win2000 you can use certificate snapin or web enrollment to have users ... Issuing CA is trusted by the web server machine. ... > i run cert server on one server and IIS on another. ... i created a page that requrie client cert. ...
- Re: HELP - Cert Svr and IIS
... Win 2003 Enterprise Server you can use autoenrollment. ... Directory service mapping to map the certificates to user accounts when the ... i created a page that requrie client cert. ...
- Re: httpwebrequest failure with .net service
... Do you know if SSL client certificate authentication is being performed? ... client cert that is being used (which may actually be the server's own SSL ... Co-author of "The .NET Developer's Guide to Directory Services Programming" ... the same 2003 server machine that is configured to use https. ...
- Certificates and web services
... A client of mine is trying to consume my web service. ... is requiring client cert. ... Their web server has a server cert. ... They are trying to attach that server cert as their client cert. ...