Client Certificate Authentication With HTTS POST (.NET 2.0)

D

DerekJMiller1

We are having an issue with using a client certificate for authentication on
an HTTPS POST using WebClient related classes.

We are getting the certificate from the protected certificate store. This
seems to work OK, but the certificate is not presented as a valid certificate
to IIS at the other end (it doesn't get past IIS's certificate checks - using
Require Client Certificate).

If we turn off require client certificate, it gets to our code, but no
certificate is in the request.

It appears that somewhere in the guts of HTTPRequest, the certificate is not
transmitted over the wire (correctly?).

Note that even when using SOAP web services, we still have this issue.


If anybody can point us to some sample code demonstrating how to use a
client certificate for an HTTP post or any other assistance, it would be
appreciated.


Thanks
 
D

DerekJMiller1

Dominick,

Thanks but you're client was a windows app not an asp.net app. The problem
is when trying to access another asp.net application from an asp.net
application that must provide a client certificate. This scenario does not
seem to work.

Do you have a sample using a client cert from an asp.net client?
 
D

DerekJMiller1

Dominick,

Sorry my fault . I did not make it clear that the only scenario we have the
issue with is when the client is an asp.net application (works from windows
app).

Thanks.
 
J

Joe Kaplan

The mechanics of it are all the same. The key is to make sure that the
identity that is executing the ASP.NET app has access to the private key for
the client certificate.

Often times, you can figure out what the problem is (likely permissions) by
running filemon on the server while the client certificate it trying to be
accessed and looking for the access denied messages that are reported.
Then, you can change the ACLs on the files or directories that are causing
the failures and will be all set.

It is probably a good idea to make sure the client cert is installed in the
machine store instead of a particular user's store, as the latter requires
access to that user's profile, and that won't be available in ASP.NET.

Best of luck!

Joe K.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

X.509 Certificate based authentication 8
BasicHttpBinding with certificate 0
.Net client and SSL mutual authentication : 403 Forbidden, client certificate not sent 11
Client Certificate Setup 1
ASP.NET Client Certificate Authentication Problem 3
Issue with passing fetched data to POST form. How can I? 0
Net::HTTPS client certificate authentication 3
HTTPSConnection: client certificate auth 0

Members online

No members online now.
Total: 81 (members: 1, guests: 80)
Robots: 449

Forum statistics

Threads
473,982
Messages
2,570,190
Members
46,740
Latest member
AdolphBig6

Latest Threads

Top