|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
PKI in .net ProgramI'm trying to access a UDDI registry server programmatically using
..net. The registry server is set to require client certificates. If I access the registry through Internet Explorer, a window pops up asking me to select a PKI certificate. However, if I try to access the registry through a C# .net program, I'm not asked for a certificate - the connection to the server just fails. Is there some way I can tell the program to send my PKI certificate to the registry server? Typically, you need to tell your web service proxy or HttpWebRequest object
what client certificate to use via it's ClientCertificate property. Did you try that? If you need to prompt the user, you'll need to actually implement that UI yourself. .NET 2.0 makes that easier. Note that client certificates can provide all sorts of challenges when used programmatically, especially in different operational contexts. Not every user of the same machine can access the same private keys for the same client certs. My experience in the newsgroups over the years is that if you have these problems, they can be very difficult to troubleshoot. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- <LauraColem***@gmail.com> wrote in message news:1158268767.946932.28860@m73g2000cwd.googlegroups.com... > I'm trying to access a UDDI registry server programmatically using > .net. The registry server is set to require client certificates. If I > access the registry through Internet Explorer, a window pops up asking > me to select a PKI certificate. However, if I try to access the > registry through a C# .net program, I'm not asked for a certificate - > the connection to the server just fails. Is there some way I can tell > the program to send my PKI certificate to the registry server? > Thanks Joe. I did finally get this to work. Adding the client
certificate to the HttpWebRequest object was no problem. It just took me a while to figure out how to access my client certificate from the program. So now I'm using PKI to authenticate the client to the server & vice versa, but I'm not sure whether I'm using PKI encryption. If my program sends data to the server will it automatically be encrypted with the server's public key (or with a session key that was set up during authentication)? Or does my program need to perform the encryption? Thanks again. ~Laura Joe Kaplan wrote: Show quoteHide quote > Typically, you need to tell your web service proxy or HttpWebRequest object > what client certificate to use via it's ClientCertificate property. Did you > try that? > > If you need to prompt the user, you'll need to actually implement that UI > yourself. .NET 2.0 makes that easier. > > Note that client certificates can provide all sorts of challenges when used > programmatically, especially in different operational contexts. Not every > user of the same machine can access the same private keys for the same > client certs. My experience in the newsgroups over the years is that if you > have these problems, they can be very difficult to troubleshoot. > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > <LauraColem***@gmail.com> wrote in message > news:1158268767.946932.28860@m73g2000cwd.googlegroups.com... > > I'm trying to access a UDDI registry server programmatically using > > .net. The registry server is set to require client certificates. If I > > access the registry through Internet Explorer, a window pops up asking > > me to select a PKI certificate. However, if I try to access the > > registry through a C# .net program, I'm not asked for a certificate - > > the connection to the server just fails. Is there some way I can tell > > the program to send my PKI certificate to the registry server? > > SSL takes care of the encryption and integrity protection. Yes - SSL negotiates
a session key at the begining of the communication. --- Dominick Baier, DevelopMentor http://www.leastprivilege.com Show quoteHide quote > Thanks Joe. I did finally get this to work. Adding the client > certificate to the HttpWebRequest object was no problem. It just took > me a while to figure out how to access my client certificate from the > program. > > So now I'm using PKI to authenticate the client to the server & vice > versa, but I'm not sure whether I'm using PKI encryption. If my > program sends data to the server will it automatically be encrypted > with the server's public key (or with a session key that was set up > during authentication)? Or does my program need to perform the > encryption? > > Thanks again. > ~Laura > Joe Kaplan wrote: > >> Typically, you need to tell your web service proxy or HttpWebRequest >> object what client certificate to use via it's ClientCertificate >> property. Did you try that? >> >> If you need to prompt the user, you'll need to actually implement >> that UI yourself. .NET 2.0 makes that easier. >> >> Note that client certificates can provide all sorts of challenges >> when used programmatically, especially in different operational >> contexts. Not every user of the same machine can access the same >> private keys for the same client certs. My experience in the >> newsgroups over the years is that if you have these problems, they >> can be very difficult to troubleshoot. >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> <LauraColem***@gmail.com> wrote in message >> news:1158268767.946932.28860@m73g2000cwd.googlegroups.com... >>> I'm trying to access a UDDI registry server programmatically using >>> .net. The registry server is set to require client certificates. >>> If I access the registry through Internet Explorer, a window pops up >>> asking me to select a PKI certificate. However, if I try to access >>> the registry through a C# .net program, I'm not asked for a >>> certificate - the connection to the server just fails. Is there >>> some way I can tell the program to send my PKI certificate to the >>> registry server? >>> 
Other interesting topics
IIS 6.0 Bug?
SecurityExcepion inside DLL linked in an HTML tag OBJECT System.UnauthorizedAccessException - Using win forms application opening file - Urgent Data Acess aplication block Remoting IPCChannel security with Service Active Directory User Creation Issues RSACryptoServiceProvider Saving config file - System.UnauthorizedAccessException Data Acess aplication block __How to use it on server without Microsoft Visual Studio 2003 Help-Please!!! |
|||||||||||||||||||||||
