SSL client auth: access the entire certificate chain

  • Thread starter Innokentiy Ivanov
  • Start date
I

Innokentiy Ivanov

Hello,

Can anybody help me in solving the following problem. My web application
needs to access all the certificates (the entire certificate chain) provided
by the client side. As far as I can see, HttpRequest.ClientCertificate gives
access only to the end-entity certificate. Is there a possibility to access
other (CA and intermediate CA) certificates provided by the client side?

Thank you in advance,

With best regards,
Innokentiy Ivanov
EldoS Corporation
 
I

Innokentiy Ivanov

Hello!
You wrote on Wed, 8 Feb 2006 09:19:39 +0000 (UTC):

DB> 1.1 or 2.0 ?

Actually, it would be excellent to find a solution for both versions.

With best regards,
Innokentiy Ivanov
 
D

Dominick Baier [DevelopMentor]

Hi,

in 2.0 you can convert the HttpClientCertificate to a X509Certificate2 -
which can be fed into a X509Chain object - this might give you what you want.

in 1.1 there is only interop with CAPICOM - and i am not sure if this will
help you (never tried it)

---------------------------------------
Dominick Baier - DevelopMentor
http://www.leastprivilege.com
Hello!
You wrote on Wed, 8 Feb 2006 09:19:39 +0000 (UTC):
Click to expand...
DB>> 1.1 or 2.0 ?
DB>>
 
I

Innokentiy Ivanov

Hello!
You wrote on Wed, 8 Feb 2006 09:35:01 +0000 (UTC):

DBD> in 2.0 you can convert the HttpClientCertificate to a X509Certificate2
DBD> - which can be fed into a X509Chain object - this might give you what
DBD> you want.
DBD> in 1.1 there is only interop with CAPICOM - and i am not sure if this
DBD> will help you (never tried it)

Thank you very much for your prompt response, it helped me much.

With best regards,
Innokentiy Ivanov
 
R

Robson Carvalho Machado

Dear Friends,

Can you show me how to do this using CAPICOM?

I'm trying to use IIS request.clientcertificates to feed CAPICOM.certificate
object but it is not working.
Thanks
 
R

Robson Carvalho Machado

Dear friends,

please, ignore my question.
The problem was already solved.

TIA
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

Reset SSL State / Request OTHER client certificate 2
how to verify SSL certificate chain - M2 Crypto library? 0
.Net client and SSL mutual authentication : 403 Forbidden, client certificate not sent 11
Setting up client certificate. 0
Access denied 403.7 client certificate 2
ASP.NET Client Certificate Authentication Problem 3
Sending Client Certificate 0
Dynamically retrieve SSL client certificate 0

Members online

No members online now.
Total: 76 (members: 0, guests: 76)
Robots: 401

Forum statistics

Threads
473,995
Messages
2,570,230
Members
46,819
Latest member
masterdaster

Latest Threads

Top