Extract client certificate info...

[Sinex]

Hi,
Am developing a web service that is gonna be consumed by a client over
https. I'm using certificates to get the mutual authentication in place. On
the server side, I want my service to be able to extract some fields from
the client's certificate. I tested the service using the browser and it
works fine...proving that the client IS sending its certificate and is
getting authenticated at IIS level.

In the web method, I'm trying to access the client's certificate using
Context.Request.ClientCertificate.SerialNumber. But this throws an exception
saying m_safeCertContext is an invalid handle. A lil examination shows that
the call to ClientCertificate is actually returning null. What am i missing?

Sinex

 

[John Saunders [MVP]]

Hi,
Am developing a web service that is gonna be consumed by a client over
https. I'm using certificates to get the mutual authentication in place.
On
the server side, I want my service to be able to extract some fields from
the client's certificate. I tested the service using the browser and it
works fine...proving that the client IS sending its certificate and is
getting authenticated at IIS level.

In the web method, I'm trying to access the client's certificate using
Context.Request.ClientCertificate.SerialNumber. But this throws an
exception
saying m_safeCertContext is an invalid handle. A lil examination shows
that
the call to ClientCertificate is actually returning null. What am i
missing?

Perhaps the client isn't sending the certificate, but the web browser was?

 

[Sinex]

Well, on the client side I am attaching the client certificate to the proxy
object's ClientCertificate collection.

Also, if the client certificate was not being sent then my request wudnt
have got thru IIS right? Coz on IIS I have configured "Require Client
Certificate" and have done a mapping to a windows user account also.