Re: HttpWebRequest and SSL client certs in the 'Local Computer' store
Hari,
I'm having a similar problem using HttpWebRequest and a client certificate. I know the cert is on the machine properly b/c when I go to my https URL I get a formatted error response from the server (so I know I'm reaching them and they are processing the request.)
Have you had any luck since you posted this?
Dave
Quote:
Originally posted by Hari
Hi,
I am using the .NET faremework 1.1 (v1.1.4322). I have a web service client that does not use WSE 2.0 but uses HttpWebRequest directly. The web service itself requires SSL client auth.
Setup:
STEP 1: I imported the SSL server cert into the 'Trusted Rooot CAs' store of the Local Computer (thru the mmc).
STEP 2: I imported the SSL client cert into the 'Personal' store of the Local Computer (thru the mmc).
STEP 3: I exported the client cert (without exporting the private keys) into a DER encoded .CER file.
Code:
1: I used X509Certificate.CreateFromCertFile() to create a X509Certificate object from the .CER file created in STEP 3 above.
2: I added this cert to the HttpWebRequest using httpRequest.ClientCertificates.Add(cert);
However the cert is not being sent to the web service.
No, if in STEP 2, I import the SSL client cert into the 'Personal' store of the Current User (and remove it from the the 'Personal' store of the Local Computer), then eveything works fine and the client cert is successfully sent to the web service (note:
the server cert is still in the Local Computer store).
The reason I need the client and server certs in the Local Computer stores is because I need to put this client into an ASP.NET web page.
I had read somewhere that the problem of HttpWebRequest not looking for certs in the Local Computer stores was fixed in the latest release of the .NET framework.
Am I missing something or does HttpWebRequest look into Local Computer only for the server cert and not to pickup the client certs?
Thanks,
Hari
|
Cell Phones reviews
03-28-04, 10:19 AM
Linear Mode
