|
web
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
HttpWebRequest using Certificatesmy VB.NET (Framework 2.0) client application has to do a HttpWebRequest (for reading web-pages and downloading files) on a web server. The server uses a self-signed certifiacte and the client application should also use a self-signed certificate (of course, signed by the same self-made CA) so we would have an authentication of both directions: the server to the client and the other way round. Is there a way to programmatically load the self-signed server certificate in my VB application? Something like: Private _WebClient As HttpWebRequest Private _ClientCert As X509Certificate2 = LoadCert() ' This already works _WebClient = CType(WebRequest.Create(_Server + "site.html"), HttpWebRequest) _WebClient.ClientCertificates.Add(_ClientCert) ' Something like this..... _WebClient.AuthorizedCertificateAuthorities.Add("MyCA.crt") Dim NewResponse As HttpWebResponse = CType(_WebClient.GetResponse(), HttpWebResponse) So far my client does not accept the server certificate since it could not establish the trust relationship! Of course, since my client does not know about the CA. And I don't want to have to install the certificate/CA on each machine that I need to install the software on. Any ideas? Thank you very much, Josef Hello,
Here is a sample may help: HttpWebRequest httprq = (HttpWebRequest)HttpWebRequest.Create(uri); httprq.Method = "POST"; httprq.ContentType = "text/xml; charset=utf-8"; string certificateName = "ABC"; X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser); store.Open(OpenFlags.ReadOnly); X509Certificate2Collection certificates = store.Certificates.Find(X509FindType.FindBySubjectName, certificateName, true); X509Certificate certificate = certificates[0]; httprq.ClientCertificates.Add(certificate); //Response HttpWebResponse httprp = (HttpWebResponse)httprq.GetResponse(); Also, The server certificate's root authority must be trusted by client and the client certificate's root authority must be trusted by the server. Regards, Luke Zhang (This posting is provided "AS IS", with no warranties, and confers no rights.) Hi Luke,
thanks for the advice with the certificat sore. What I'm trying to do write know is to load all certificates (client, server, ca) into the corresponding certificate stores. But 1. I still get the ..."Could not establish trust relationship for the SSL'/TLS secure channel" error message 2. I cannot find the certificates I just added to the differen certificate stores wihin the IE... Here's the code...maybe I do something wrong while adding them... Private _ClientCert As X509Certificate2 Private _ServerCert As X509Certificate2 Private _CACert As X509Certificate2 Public Sub New(ByVal ClientCertFile As String, ByVal ServerCertFile As String, ByVal CACertFile As String) _ClientCert = ReadCertificate(ClientCertFile) _ServerCert = ReadCertificate(ServerCertFile) _CACert = ReadCertificate(CACertFile) Dim CAstore As New X509Store(StoreName.CertificateAuthority, StoreLocation.LocalMachine) CAstore.Open(OpenFlags.ReadWrite) CAstore.Add(_CACert) CAstore.Close() Dim ServerStore As New X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine) ServerStore.Open(OpenFlags.ReadWrite) ServerStore.Add(_ServerCert) ServerStore.Close() Dim ClientStore As New X509Store(StoreName.My, StoreLocation.LocalMachine) ClientStore.Open(OpenFlags.ReadWrite) ClientStore.Add(_ClientCert) ClientStore.Close() Thanx, Josef Hi Luke,
thanks for the advice with the certificat sore. What I'm trying to do write know is to load all certificates (client, server, ca) into the corresponding certificate stores. But 1. I still get the ..."Could not establish trust relationship for the SSL'/TLS secure channel" error message 2. I cannot find the certificates I just added to the differen certificate stores wihin the IE... Here's the code...maybe I do something wrong while adding them... Private _ClientCert As X509Certificate2 Private _ServerCert As X509Certificate2 Private _CACert As X509Certificate2 Public Sub New(ByVal ClientCertFile As String, ByVal ServerCertFile As String, ByVal CACertFile As String) _ClientCert = ReadCertificate(ClientCertFile) _ServerCert = ReadCertificate(ServerCertFile) _CACert = ReadCertificate(CACertFile) Dim CAstore As New X509Store(StoreName.CertificateAuthority, StoreLocation.LocalMachine) CAstore.Open(OpenFlags.ReadWrite) CAstore.Add(_CACert) CAstore.Close() Dim ServerStore As New X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine) ServerStore.Open(OpenFlags.ReadWrite) ServerStore.Add(_ServerCert) ServerStore.Close() Dim ClientStore As New X509Store(StoreName.My, StoreLocation.LocalMachine) ClientStore.Open(OpenFlags.ReadWrite) ClientStore.Add(_ClientCert) ClientStore.Close() Thanx, Josef Hi Luke,
thanks for the advice with the certificat sore. What I'm trying to do write know is to load all certificates (client, server, ca) into the corresponding certificate stores. But 1. I still get the ..."Could not establish trust relationship for the SSL'/TLS secure channel" error message 2. I cannot find the certificates I just added to the differen certificate stores wihin the IE... Here's the code...maybe I do something wrong while adding them... Private _ClientCert As X509Certificate2 Private _ServerCert As X509Certificate2 Private _CACert As X509Certificate2 Public Sub New(ByVal ClientCertFile As String, ByVal ServerCertFile As String, ByVal CACertFile As String) _ClientCert = ReadCertificate(ClientCertFile) _ServerCert = ReadCertificate(ServerCertFile) _CACert = ReadCertificate(CACertFile) Dim CAstore As New X509Store(StoreName.CertificateAuthority, StoreLocation.LocalMachine) CAstore.Open(OpenFlags.ReadWrite) CAstore.Add(_CACert) CAstore.Close() Dim ServerStore As New X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine) ServerStore.Open(OpenFlags.ReadWrite) ServerStore.Add(_ServerCert) ServerStore.Close() Dim ClientStore As New X509Store(StoreName.My, StoreLocation.LocalMachine) ClientStore.Open(OpenFlags.ReadWrite) ClientStore.Add(_ClientCert) ClientStore.Close() Thanx, Josef Hi Luke,
thanks for the advice with the certificat sore. What I'm trying to do write know is to load all certificates (client, server, ca) into the corresponding certificate stores. But 1. I still get the ..."Could not establish trust relationship for the SSL'/TLS secure channel" error message 2. I cannot find the certificates I just added to the differen certificate stores wihin the IE... Here's the code...maybe I do something wrong while adding them... Private _ClientCert As X509Certificate2 Private _ServerCert As X509Certificate2 Private _CACert As X509Certificate2 Public Sub New(ByVal ClientCertFile As String, ByVal ServerCertFile As String, ByVal CACertFile As String) _ClientCert = ReadCertificate(ClientCertFile) _ServerCert = ReadCertificate(ServerCertFile) _CACert = ReadCertificate(CACertFile) Dim CAstore As New X509Store(StoreName.CertificateAuthority, StoreLocation.LocalMachine) CAstore.Open(OpenFlags.ReadWrite) CAstore.Add(_CACert) CAstore.Close() Dim ServerStore As New X509Store(StoreName.TrustedPeople, StoreLocation.LocalMachine) ServerStore.Open(OpenFlags.ReadWrite) ServerStore.Add(_ServerCert) ServerStore.Close() Dim ClientStore As New X509Store(StoreName.My, StoreLocation.LocalMachine) ClientStore.Open(OpenFlags.ReadWrite) ClientStore.Add(_ClientCert) ClientStore.Close() Thanx, Josef 
Other interesting topics
Pulling specific words from a string
Basic question Enumerate members of Administrators Group (AD) MenuItem.RadioCheck Radio Button Grouping in vb/VS 2005 Web service question update more than only the email with asp.net membership making a SOAP connection persist How to pass parameter? error "concurency violation" |
|||||||||||||||||||||||
