Re: regarding retrival of server certificate
- From: "Joe Kaplan" <joseph.e.kaplan@xxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Mon, 18 Dec 2006 00:27:54 -0600
I was just checking around with this and there appears to be an even easier
way to do this in .NET 2.0 than implement ICertificatePolicy. The
ServicePointManager class now has a ServerCertificateVerificationCallback
which is a delegate type. Just define a method with the same signature as
the delegate and assign it to the ServicePointManager using AddressOf.
Then, your function will be called when a HTTPS connection is established.
Public Function MyCertificateCallback ( _
sender As Object, _
certificate As X509Certificate, _
chain As X509Chain, _
sslPolicyErrors As SslPolicyErrors _
) As Boolean
'do something in here. Make sure you return True if you want to allow the
request.
End Function
ServicePointManager.ServerCertificateValidationCallback = AddressOf
MyCertificateCallback
ICertificatePolicy isn't much more difficult to implement, but it is more
useful to use the new delegate as you get the whole cert chain now and a
strongly typed enum value for any policy errors instead of a number you have
to look up in the Windows API reference.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
<barathee_raja@xxxxxxxxxxx> wrote in message
news:1166414209.700700.58150@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
hanks joe..
can u please help me with a example code for ICertificatePolicy..
regards
bharathi
Joe Kaplan wrote:
The first thing I would do is create an HttpWebRequest that attempts to
access your server and get the proxies working correctly by configuring
the
Proxy property to work they way you need it to in your environment.
Once you can get the HttpWebRequest working and can get a response back,
then you can just add the ICertificatePolicy stuff. Basically, you just
create a class that implements ICertificatePolicy, create an instance of
it
and then set the CertificatePolicy property on the ServicePointManager to
the instance of your class. Then, your CheckValidationResult method will
be
called and the arguments of that function will contain the server
certificate.
You might also be able to get your SslStream approach to work by opening
a
socket to the proxy server on the proxy server port, but I've never
messed
with proxies at the TCP level before, so I don't know.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
<barathee_raja@xxxxxxxxxxx> wrote in message
news:1166172384.981780.275640@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
thanks joe,
can u please help me with a code in HttpwebRequest And
IcertificatePolicy
i have tried with SSlstream and got the certificate
but this is using tcp stream
i need to use http sream which enales me to pass the request throug the
httpproxy
please help me witha sample code
regards
bharathi
Joe Kaplan wrote:
What have you tried so far? Do you want an example with SslStream or
with
HttpWebRequest and ICertificatePolicy? What language?
I think it might be better if you just try one of the samples for
SslStream
first to see if you can make any progress with it.
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
<barathee_raja@xxxxxxxxxxx> wrote in message
news:1165811039.566705.236830@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
thanks for ur reply
can u please help me with a sample code...
regards
bharathi
Dominick Baier wrote:
As Joe already pointed out - use SSL - thats an easy and standard
way
to
get a server certificate for validation and authentication.
You even have more control over the whole process by using the
SslStream
class in .NET 2.0
All other ways would involve an apache/OS specific way to transfer
the
cert
to the client...
-----
Dominick Baier (http://www.leastprivilege.com)
thank for ur reponse
actually i want to get the certificate stored at the server and
to
validate it
ho to get the certificate in my server is there any function?
please help me regarding issue...
regards
bharathi
Joe Kaplan wrote:
Are you using SSL? It takes care of that for you. If you want
to
do
something programmatic involving SSL and HTTP, use the
HttpWebRequest
class in .NET to access the Apache server. If you want to get
details of the server's certificate, you can create an instance
of
a
class that implements ICertificatePolicy and use the
CheckValidationResult to get the server's certificate during the
SSL
handshake and check to see if it is valid.
HTH,
Joe K.
--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services
Programming"
http://www.directoryprogramming.net
--
<barathee_raja@xxxxxxxxxxx> wrote in message
news:1165398418.770961.98240@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
hi,
am bharathi currently working in .net platform,in my
application
iam in need of retriving the certificate stored at the server
and
to
validate the identity of the server.
my sever is winn.mygdc.com and it's a apache web server.
is there any options available in the .net to attain this.
please help me regarding this issue.
thanx in advance
regards
bharathi
.
- References:
- Re: regarding retrival of server certificate
- From: barathee_raja
- Re: regarding retrival of server certificate
- From: Dominick Baier
- Re: regarding retrival of server certificate
- From: barathee_raja
- Re: regarding retrival of server certificate
- From: Joe Kaplan
- Re: regarding retrival of server certificate
- From: barathee_raja
- Re: regarding retrival of server certificate
- From: Joe Kaplan
- Re: regarding retrival of server certificate
- From: barathee_raja
- Re: regarding retrival of server certificate
- Prev by Date: Re: regarding retrival of server certificate
- Next by Date: Role-based-Security... just switch it off
- Previous by thread: Re: regarding retrival of server certificate
- Next by thread: RSA Encryption
- Index(es):
Relevant Pages
|
