Re: PKI in .net Program



Thanks Joe. I did finally get this to work. Adding the client
certificate to the HttpWebRequest object was no problem. It just took
me a while to figure out how to access my client certificate from the
program.

So now I'm using PKI to authenticate the client to the server & vice
versa, but I'm not sure whether I'm using PKI encryption. If my
program sends data to the server will it automatically be encrypted
with the server's public key (or with a session key that was set up
during authentication)? Or does my program need to perform the
encryption?

Thanks again.
~Laura

Joe Kaplan wrote:
Typically, you need to tell your web service proxy or HttpWebRequest object
what client certificate to use via its ClientCertificate property. Did you
try that?

If you need to prompt the user, you'll need to actually implement that UI
yourself. .NET 2.0 makes that easier.

Note that client certificates can provide all sorts of challenges when used
programmatically, especially in different operational contexts. Not every
user of the same machine can access the same private keys for the same
client certs. My experience in the newsgroups over the years is that if you
have these problems, they can be very difficult to troubleshoot.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
<LauraColeman1@xxxxxxxxx> wrote in message
news:1158268767.946932.28860@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
I'm trying to access a UDDI registry server programmatically using
.net. The registry server is set to require client certificates. If I
access the registry through Internet Explorer, a window pops up asking
me to select a PKI certificate. However, if I try to access the
registry through a C# .net program, I'm not asked for a certificate -
the connection to the server just fails. Is there some way I can tell
the program to send my PKI certificate to the registry server?
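
An added example, not part of the original thread and not written by either poster: one way to load a client certificate from the current user's store and attach it to an HttpWebRequest, as the thread discusses. The URL, the thumbprint placeholder, and the class and method names are assumptions for illustration.

```csharp
using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;

class ClientCertRequest
{
    // Placeholders (assumptions): substitute your registry URL and certificate thumbprint.
    const string RegistryUrl = "https://registry.example.com/uddi/inquire";
    const string Thumbprint = "<CLIENT-CERT-THUMBPRINT>";

    static X509Certificate2 FindClientCertificate(string thumbprint)
    {
        // CurrentUser\My is a per-user store: the same code running as a service
        // or under another account will not see this certificate or its key.
        X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            // validOnly = true skips expired, revoked or untrusted certificates.
            X509Certificate2Collection found = store.Certificates.Find(
                X509FindType.FindByThumbprint, thumbprint, true);
            if (found.Count == 0)
                throw new InvalidOperationException(
                    "No valid certificate with that thumbprint in CurrentUser\\My.");

            // HasPrivateKey only reports that a key is associated with the
            // certificate; without one, client authentication cannot succeed.
            X509Certificate2 cert = found[0];
            if (!cert.HasPrivateKey)
                throw new InvalidOperationException("Certificate has no private key.");
            return cert;
        }
        finally { store.Close(); }
    }

    static void Main()
    {
        HttpWebRequest request = (HttpWebRequest)WebRequest.Create(RegistryUrl);
        // Over https the certificate is presented during the TLS handshake and the
        // request and response travel under the session keys negotiated there.
        if (request.RequestUri.Scheme != Uri.UriSchemeHttps)
            throw new InvalidOperationException("Client certificates require https.");
        request.ClientCertificates.Add(FindClientCertificate(Thumbprint));

        using (HttpWebResponse response = (HttpWebResponse)request.GetResponse())
            Console.WriteLine("{0} {1}", (int)response.StatusCode, response.StatusDescription);
    }
}
```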

