|
security
newsgroups
|
|||||||||||||||||||||||
|
|||||||||||||||||||||||
regarding retrival of server certificatehi,
am bharathi currently working in .net platform,in my application iam in need of retriving the certificate stored at the server and to validate the identity of the server. my sever is winn.mygdc.com and it's a apache web server. is there any options available in the .net to attain this. please help me regarding this issue. thanx in advance regards bharathi Are you using SSL? It takes care of that for you. If you want to do
something programmatic involving SSL and HTTP, use the HttpWebRequest class in .NET to access the Apache server. If you want to get details of the server's certificate, you can create an instance of a class that implements ICertificatePolicy and use the CheckValidationResult to get the server's certificate during the SSL handshake and check to see if it is valid. HTH, Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- <barathee_r***@yahoo.co.in> wrote in message news:1165398418.770961.98240@80g2000cwy.googlegroups.com... > hi, > am bharathi currently working in .net platform,in my application > iam in need of retriving the certificate stored at the server and to > validate the identity of the server. > my sever is winn.mygdc.com and it's a apache web server. > is there any options available in the .net to attain this. > > please help me regarding this issue. > > thanx in advance > > regards > bharathi > thank for ur reponse
actually i want to get the certificate stored at the server and to validate it ho to get the certificate in my server is there any function? please help me regarding issue... regards bharathi Joe Kaplan wrote: Show quoteHide quote > Are you using SSL? It takes care of that for you. If you want to do > something programmatic involving SSL and HTTP, use the HttpWebRequest class > in .NET to access the Apache server. If you want to get details of the > server's certificate, you can create an instance of a class that implements > ICertificatePolicy and use the CheckValidationResult to get the server's > certificate during the SSL handshake and check to see if it is valid. > > HTH, > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > <barathee_r***@yahoo.co.in> wrote in message > news:1165398418.770961.98240@80g2000cwy.googlegroups.com... > > hi, > > am bharathi currently working in .net platform,in my application > > iam in need of retriving the certificate stored at the server and to > > validate the identity of the server. > > my sever is winn.mygdc.com and it's a apache web server. > > is there any options available in the .net to attain this. > > > > please help me regarding this issue. > > > > thanx in advance > > > > regards > > bharathi > > As Joe already pointed out - use SSL - thats an easy and standard way to
get a server certificate for validation and authentication. You even have more control over the whole process by using the SslStream class in .NET 2.0 All other ways would involve an apache/OS specific way to transfer the cert to the client... ----- Dominick Baier (http://www.leastprivilege.com) Show quoteHide quote > thank for ur reponse > actually i want to get the certificate stored at the server and to > validate it > ho to get the certificate in my server is there any function? > please help me regarding issue... > > regards > bharathi > Joe Kaplan wrote: > >> Are you using SSL? It takes care of that for you. If you want to do >> something programmatic involving SSL and HTTP, use the HttpWebRequest >> class in .NET to access the Apache server. If you want to get >> details of the server's certificate, you can create an instance of a >> class that implements ICertificatePolicy and use the >> CheckValidationResult to get the server's certificate during the SSL >> handshake and check to see if it is valid. >> >> HTH, >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> <barathee_r***@yahoo.co.in> wrote in message >> news:1165398418.770961.98240@80g2000cwy.googlegroups.com... >>> hi, >>> am bharathi currently working in .net platform,in my application >>> iam in need of retriving the certificate stored at the server and to >>> validate the identity of the server. >>> my sever is winn.mygdc.com and it's a apache web server. >>> is there any options available in the .net to attain this. >>> please help me regarding this issue. >>> >>> thanx in advance >>> >>> regards >>> bharathi thanks for ur reply
can u please help me with a sample code... regards bharathi Dominick Baier wrote: Show quoteHide quote > As Joe already pointed out - use SSL - thats an easy and standard way to > get a server certificate for validation and authentication. > > You even have more control over the whole process by using the SslStream > class in .NET 2.0 > > All other ways would involve an apache/OS specific way to transfer the cert > to the client... > > ----- > Dominick Baier (http://www.leastprivilege.com) > > > thank for ur reponse > > actually i want to get the certificate stored at the server and to > > validate it > > ho to get the certificate in my server is there any function? > > please help me regarding issue... > > > > regards > > bharathi > > Joe Kaplan wrote: > > > >> Are you using SSL? It takes care of that for you. If you want to do > >> something programmatic involving SSL and HTTP, use the HttpWebRequest > >> class in .NET to access the Apache server. If you want to get > >> details of the server's certificate, you can create an instance of a > >> class that implements ICertificatePolicy and use the > >> CheckValidationResult to get the server's certificate during the SSL > >> handshake and check to see if it is valid. > >> > >> HTH, > >> > >> Joe K. > >> > >> -- > >> Joe Kaplan-MS MVP Directory Services Programming > >> Co-author of "The .NET Developer's Guide to Directory Services > >> Programming" > >> http://www.directoryprogramming.net > >> -- > >> <barathee_r***@yahoo.co.in> wrote in message > >> news:1165398418.770961.98240@80g2000cwy.googlegroups.com... > >>> hi, > >>> am bharathi currently working in .net platform,in my application > >>> iam in need of retriving the certificate stored at the server and to > >>> validate the identity of the server. > >>> my sever is winn.mygdc.com and it's a apache web server. > >>> is there any options available in the .net to attain this. > >>> please help me regarding this issue. > >>> > >>> thanx in advance > >>> > >>> regards > >>> bharathi What have you tried so far? Do you want an example with SslStream or with
HttpWebRequest and ICertificatePolicy? What language? I think it might be better if you just try one of the samples for SslStream first to see if you can make any progress with it. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- <barathee_r***@yahoo.co.in> wrote in message news:1165811039.566705.236830@73g2000cwn.googlegroups.com... > thanks for ur reply > can u please help me with a sample code... > > regards > bharathi > > Dominick Baier wrote: >> As Joe already pointed out - use SSL - thats an easy and standard way to >> get a server certificate for validation and authentication. >> >> You even have more control over the whole process by using the SslStream >> class in .NET 2.0 >> >> All other ways would involve an apache/OS specific way to transfer the >> cert >> to the client... >> >> ----- >> Dominick Baier (http://www.leastprivilege.com) >> >> > thank for ur reponse >> > actually i want to get the certificate stored at the server and to >> > validate it >> > ho to get the certificate in my server is there any function? >> > please help me regarding issue... >> > >> > regards >> > bharathi >> > Joe Kaplan wrote: >> > >> >> Are you using SSL? It takes care of that for you. If you want to do >> >> something programmatic involving SSL and HTTP, use the HttpWebRequest >> >> class in .NET to access the Apache server. If you want to get >> >> details of the server's certificate, you can create an instance of a >> >> class that implements ICertificatePolicy and use the >> >> CheckValidationResult to get the server's certificate during the SSL >> >> handshake and check to see if it is valid. >> >> >> >> HTH, >> >> >> >> Joe K. >> >> >> >> -- >> >> Joe Kaplan-MS MVP Directory Services Programming >> >> Co-author of "The .NET Developer's Guide to Directory Services >> >> Programming" >> >> http://www.directoryprogramming.net >> >> -- >> >> <barathee_r***@yahoo.co.in> wrote in message >> >> news:1165398418.770961.98240@80g2000cwy.googlegroups.com... >> >>> hi, >> >>> am bharathi currently working in .net platform,in my application >> >>> iam in need of retriving the certificate stored at the server and to >> >>> validate the identity of the server. >> >>> my sever is winn.mygdc.com and it's a apache web server. >> >>> is there any options available in the .net to attain this. >> >>> please help me regarding this issue. >> >>> >> >>> thanx in advance >> >>> >> >>> regards >> >>> bharathi > thanks joe,
can u please help me with a code in HttpwebRequest And IcertificatePolicy i have tried with SSlstream and got the certificate but this is using tcp stream i need to use http sream which enales me to pass the request throug the httpproxy please help me witha sample code regards bharathi Joe Kaplan wrote: Show quoteHide quote > What have you tried so far? Do you want an example with SslStream or with > HttpWebRequest and ICertificatePolicy? What language? > > I think it might be better if you just try one of the samples for SslStream > first to see if you can make any progress with it. > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > <barathee_r***@yahoo.co.in> wrote in message > news:1165811039.566705.236830@73g2000cwn.googlegroups.com... > > thanks for ur reply > > can u please help me with a sample code... > > > > regards > > bharathi > > > > Dominick Baier wrote: > >> As Joe already pointed out - use SSL - thats an easy and standard way to > >> get a server certificate for validation and authentication. > >> > >> You even have more control over the whole process by using the SslStream > >> class in .NET 2.0 > >> > >> All other ways would involve an apache/OS specific way to transfer the > >> cert > >> to the client... > >> > >> ----- > >> Dominick Baier (http://www.leastprivilege.com) > >> > >> > thank for ur reponse > >> > actually i want to get the certificate stored at the server and to > >> > validate it > >> > ho to get the certificate in my server is there any function? > >> > please help me regarding issue... > >> > > >> > regards > >> > bharathi > >> > Joe Kaplan wrote: > >> > > >> >> Are you using SSL? It takes care of that for you. If you want to do > >> >> something programmatic involving SSL and HTTP, use the HttpWebRequest > >> >> class in .NET to access the Apache server. If you want to get > >> >> details of the server's certificate, you can create an instance of a > >> >> class that implements ICertificatePolicy and use the > >> >> CheckValidationResult to get the server's certificate during the SSL > >> >> handshake and check to see if it is valid. > >> >> > >> >> HTH, > >> >> > >> >> Joe K. > >> >> > >> >> -- > >> >> Joe Kaplan-MS MVP Directory Services Programming > >> >> Co-author of "The .NET Developer's Guide to Directory Services > >> >> Programming" > >> >> http://www.directoryprogramming.net > >> >> -- > >> >> <barathee_r***@yahoo.co.in> wrote in message > >> >> news:1165398418.770961.98240@80g2000cwy.googlegroups.com... > >> >>> hi, > >> >>> am bharathi currently working in .net platform,in my application > >> >>> iam in need of retriving the certificate stored at the server and to > >> >>> validate the identity of the server. > >> >>> my sever is winn.mygdc.com and it's a apache web server. > >> >>> is there any options available in the .net to attain this. > >> >>> please help me regarding this issue. > >> >>> > >> >>> thanx in advance > >> >>> > >> >>> regards > >> >>> bharathi > > iam using the following code to get the certificate from the server
Imports System.Net Imports System.Net.Security Imports System.Collections Imports System.Security.Authentication Imports System.Net.Sockets Imports System.Text Imports System.Security.Cryptography.X509Certificates Imports System.IO Module Module1 Dim client As TcpClient Dim sslstream As SslStream Dim sender As New Object Dim certificate, servercertificate As New X509Certificate Dim chain As X509Chain Dim sslPolicyErrors As New SslPolicyErrors Dim expcerdate As New Date Dim certsubject, certname As String Dim certsubjectvalues() As String Sub Main(ByVal args() As String) 'Dim st As NetworkStream = cli. Try client = New TcpClient client.Connect("winn.mygdc.com", 443) Catch ex As Exception 'Console.WriteLine(ex.Message) End Try Console.WriteLine("Client is connected ") sslstream = New SslStream(client.GetStream(), False, New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), Nothing) ' Try 'sslstream = New SslStream(cli.OpenRead(args(0)), False, New RemoteCertificateValidationCallback(AddressOf ValidateServerCertificate), Nothing) 'Catch ex As Exception 'Console.WriteLine("Authentication Failed Closing Connection", ex.Message) 'End Try Try sslstream.AuthenticateAsClient("winn.mygdc.com") Catch ex As AuthenticationException Console.WriteLine("Authentication Failed Closing Connection", ex.Message) End Try servercertificate = sslstream.RemoteCertificate() Console.WriteLine("Server certificate details...") Console.WriteLine(servercertificate.Issuer) Console.WriteLine(servercertificate.Subject) servercertificate.GetPublicKeyString() Console.WriteLine(servercertificate.GetEffectiveDateString()) Console.WriteLine(servercertificate.GetExpirationDateString()) Console.WriteLine(servercertificate.GetSerialNumberString()) Console.WriteLine(servercertificate.GetKeyAlgorithmParametersString()) Console.WriteLine(servercertificate.GetType) certsubject = servercertificate.Subject certsubjectvalues = certsubject.Split(",") certname = certsubjectvalues(0).Substring((certsubjectvalues(0).IndexOf("=") + 1)) If (certname.Equals("winn.mygdc.com")) Then Console.WriteLine("Trusted certificate") Else Console.WriteLine("Untrusted certificate") End If expcerdate = CDate(servercertificate.GetExpirationDateString()) If (Date.Now > expcerdate) Then Console.WriteLine("certificate expired") Else Console.WriteLine("certificate is valid") End If client.Close() End Sub Public Function ValidateServerCertificate(ByVal sender As Object, ByVal certificate As X509Certificate, ByVal chain As X509Chain, ByVal sslPolicyErrors As SslPolicyErrors) As Boolean If (sslPolicyErrors.Equals(sslPolicyErrors.None)) Then Return True Else Return False End If End Function End Module barathee_r***@yahoo.co.in wrote: Show quoteHide quote > thanks joe, > can u please help me with a code in HttpwebRequest And > IcertificatePolicy > i have tried with SSlstream and got the certificate > but this is using tcp stream > i need to use http sream which enales me to pass the request throug the > httpproxy > > please help me witha sample code > > regards > bharathi > > Joe Kaplan wrote: > > What have you tried so far? Do you want an example with SslStream or with > > HttpWebRequest and ICertificatePolicy? What language? > > > > I think it might be better if you just try one of the samples for SslStream > > first to see if you can make any progress with it. > > > > Joe K. > > > > -- > > Joe Kaplan-MS MVP Directory Services Programming > > Co-author of "The .NET Developer's Guide to Directory Services Programming" > > http://www.directoryprogramming.net > > -- > > <barathee_r***@yahoo.co.in> wrote in message > > news:1165811039.566705.236830@73g2000cwn.googlegroups.com... > > > thanks for ur reply > > > can u please help me with a sample code... > > > > > > regards > > > bharathi > > > > > > Dominick Baier wrote: > > >> As Joe already pointed out - use SSL - thats an easy and standard way to > > >> get a server certificate for validation and authentication. > > >> > > >> You even have more control over the whole process by using the SslStream > > >> class in .NET 2.0 > > >> > > >> All other ways would involve an apache/OS specific way to transfer the > > >> cert > > >> to the client... > > >> > > >> ----- > > >> Dominick Baier (http://www.leastprivilege.com) > > >> > > >> > thank for ur reponse > > >> > actually i want to get the certificate stored at the server and to > > >> > validate it > > >> > ho to get the certificate in my server is there any function? > > >> > please help me regarding issue... > > >> > > > >> > regards > > >> > bharathi > > >> > Joe Kaplan wrote: > > >> > > > >> >> Are you using SSL? It takes care of that for you. If you want to do > > >> >> something programmatic involving SSL and HTTP, use the HttpWebRequest > > >> >> class in .NET to access the Apache server. If you want to get > > >> >> details of the server's certificate, you can create an instance of a > > >> >> class that implements ICertificatePolicy and use the > > >> >> CheckValidationResult to get the server's certificate during the SSL > > >> >> handshake and check to see if it is valid. > > >> >> > > >> >> HTH, > > >> >> > > >> >> Joe K. > > >> >> > > >> >> -- > > >> >> Joe Kaplan-MS MVP Directory Services Programming > > >> >> Co-author of "The .NET Developer's Guide to Directory Services > > >> >> Programming" > > >> >> http://www.directoryprogramming.net > > >> >> -- > > >> >> <barathee_r***@yahoo.co.in> wrote in message > > >> >> news:1165398418.770961.98240@80g2000cwy.googlegroups.com... > > >> >>> hi, > > >> >>> am bharathi currently working in .net platform,in my application > > >> >>> iam in need of retriving the certificate stored at the server and to > > >> >>> validate the identity of the server. > > >> >>> my sever is winn.mygdc.com and it's a apache web server. > > >> >>> is there any options available in the .net to attain this. > > >> >>> please help me regarding this issue. > > >> >>> > > >> >>> thanx in advance > > >> >>> > > >> >>> regards > > >> >>> bharathi > > > The first thing I would do is create an HttpWebRequest that attempts to
access your server and get the proxies working correctly by configuring the Proxy property to work they way you need it to in your environment. Once you can get the HttpWebRequest working and can get a response back, then you can just add the ICertificatePolicy stuff. Basically, you just create a class that implements ICertificatePolicy, create an instance of it and then set the CertificatePolicy property on the ServicePointManager to the instance of your class. Then, your CheckValidationResult method will be called and the arguments of that function will contain the server certificate. You might also be able to get your SslStream approach to work by opening a socket to the proxy server on the proxy server port, but I've never messed with proxies at the TCP level before, so I don't know. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- <barathee_r***@yahoo.co.in> wrote in message news:1166172384.981780.275640@f1g2000cwa.googlegroups.com... > thanks joe, > can u please help me with a code in HttpwebRequest And > IcertificatePolicy > i have tried with SSlstream and got the certificate > but this is using tcp stream > i need to use http sream which enales me to pass the request throug the > httpproxy > > please help me witha sample code > > regards > bharathi > > Joe Kaplan wrote: >> What have you tried so far? Do you want an example with SslStream or >> with >> HttpWebRequest and ICertificatePolicy? What language? >> >> I think it might be better if you just try one of the samples for >> SslStream >> first to see if you can make any progress with it. >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> <barathee_r***@yahoo.co.in> wrote in message >> news:1165811039.566705.236830@73g2000cwn.googlegroups.com... >> > thanks for ur reply >> > can u please help me with a sample code... >> > >> > regards >> > bharathi >> > >> > Dominick Baier wrote: >> >> As Joe already pointed out - use SSL - thats an easy and standard way >> >> to >> >> get a server certificate for validation and authentication. >> >> >> >> You even have more control over the whole process by using the >> >> SslStream >> >> class in .NET 2.0 >> >> >> >> All other ways would involve an apache/OS specific way to transfer the >> >> cert >> >> to the client... >> >> >> >> ----- >> >> Dominick Baier (http://www.leastprivilege.com) >> >> >> >> > thank for ur reponse >> >> > actually i want to get the certificate stored at the server and to >> >> > validate it >> >> > ho to get the certificate in my server is there any function? >> >> > please help me regarding issue... >> >> > >> >> > regards >> >> > bharathi >> >> > Joe Kaplan wrote: >> >> > >> >> >> Are you using SSL? It takes care of that for you. If you want to >> >> >> do >> >> >> something programmatic involving SSL and HTTP, use the >> >> >> HttpWebRequest >> >> >> class in .NET to access the Apache server. If you want to get >> >> >> details of the server's certificate, you can create an instance of >> >> >> a >> >> >> class that implements ICertificatePolicy and use the >> >> >> CheckValidationResult to get the server's certificate during the >> >> >> SSL >> >> >> handshake and check to see if it is valid. >> >> >> >> >> >> HTH, >> >> >> >> >> >> Joe K. >> >> >> >> >> >> -- >> >> >> Joe Kaplan-MS MVP Directory Services Programming >> >> >> Co-author of "The .NET Developer's Guide to Directory Services >> >> >> Programming" >> >> >> http://www.directoryprogramming.net >> >> >> -- >> >> >> <barathee_r***@yahoo.co.in> wrote in message >> >> >> news:1165398418.770961.98240@80g2000cwy.googlegroups.com... >> >> >>> hi, >> >> >>> am bharathi currently working in .net platform,in my application >> >> >>> iam in need of retriving the certificate stored at the server and >> >> >>> to >> >> >>> validate the identity of the server. >> >> >>> my sever is winn.mygdc.com and it's a apache web server. >> >> >>> is there any options available in the .net to attain this. >> >> >>> please help me regarding this issue. >> >> >>> >> >> >>> thanx in advance >> >> >>> >> >> >>> regards >> >> >>> bharathi >> > > hanks joe..
can u please help me with a example code for ICertificatePolicy.. regards bharathi Joe Kaplan wrote: Show quoteHide quote > The first thing I would do is create an HttpWebRequest that attempts to > access your server and get the proxies working correctly by configuring the > Proxy property to work they way you need it to in your environment. > > Once you can get the HttpWebRequest working and can get a response back, > then you can just add the ICertificatePolicy stuff. Basically, you just > create a class that implements ICertificatePolicy, create an instance of it > and then set the CertificatePolicy property on the ServicePointManager to > the instance of your class. Then, your CheckValidationResult method will be > called and the arguments of that function will contain the server > certificate. > > You might also be able to get your SslStream approach to work by opening a > socket to the proxy server on the proxy server port, but I've never messed > with proxies at the TCP level before, so I don't know. > > Joe K. > > -- > Joe Kaplan-MS MVP Directory Services Programming > Co-author of "The .NET Developer's Guide to Directory Services Programming" > http://www.directoryprogramming.net > -- > <barathee_r***@yahoo.co.in> wrote in message > news:1166172384.981780.275640@f1g2000cwa.googlegroups.com... > > thanks joe, > > can u please help me with a code in HttpwebRequest And > > IcertificatePolicy > > i have tried with SSlstream and got the certificate > > but this is using tcp stream > > i need to use http sream which enales me to pass the request throug the > > httpproxy > > > > please help me witha sample code > > > > regards > > bharathi > > > > Joe Kaplan wrote: > >> What have you tried so far? Do you want an example with SslStream or > >> with > >> HttpWebRequest and ICertificatePolicy? What language? > >> > >> I think it might be better if you just try one of the samples for > >> SslStream > >> first to see if you can make any progress with it. > >> > >> Joe K. > >> > >> -- > >> Joe Kaplan-MS MVP Directory Services Programming > >> Co-author of "The .NET Developer's Guide to Directory Services > >> Programming" > >> http://www.directoryprogramming.net > >> -- > >> <barathee_r***@yahoo.co.in> wrote in message > >> news:1165811039.566705.236830@73g2000cwn.googlegroups.com... > >> > thanks for ur reply > >> > can u please help me with a sample code... > >> > > >> > regards > >> > bharathi > >> > > >> > Dominick Baier wrote: > >> >> As Joe already pointed out - use SSL - thats an easy and standard way > >> >> to > >> >> get a server certificate for validation and authentication. > >> >> > >> >> You even have more control over the whole process by using the > >> >> SslStream > >> >> class in .NET 2.0 > >> >> > >> >> All other ways would involve an apache/OS specific way to transfer the > >> >> cert > >> >> to the client... > >> >> > >> >> ----- > >> >> Dominick Baier (http://www.leastprivilege.com) > >> >> > >> >> > thank for ur reponse > >> >> > actually i want to get the certificate stored at the server and to > >> >> > validate it > >> >> > ho to get the certificate in my server is there any function? > >> >> > please help me regarding issue... > >> >> > > >> >> > regards > >> >> > bharathi > >> >> > Joe Kaplan wrote: > >> >> > > >> >> >> Are you using SSL? It takes care of that for you. If you want to > >> >> >> do > >> >> >> something programmatic involving SSL and HTTP, use the > >> >> >> HttpWebRequest > >> >> >> class in .NET to access the Apache server. If you want to get > >> >> >> details of the server's certificate, you can create an instance of > >> >> >> a > >> >> >> class that implements ICertificatePolicy and use the > >> >> >> CheckValidationResult to get the server's certificate during the > >> >> >> SSL > >> >> >> handshake and check to see if it is valid. > >> >> >> > >> >> >> HTH, > >> >> >> > >> >> >> Joe K. > >> >> >> > >> >> >> -- > >> >> >> Joe Kaplan-MS MVP Directory Services Programming > >> >> >> Co-author of "The .NET Developer's Guide to Directory Services > >> >> >> Programming" > >> >> >> http://www.directoryprogramming.net > >> >> >> -- > >> >> >> <barathee_r***@yahoo.co.in> wrote in message > >> >> >> news:1165398418.770961.98240@80g2000cwy.googlegroups.com... > >> >> >>> hi, > >> >> >>> am bharathi currently working in .net platform,in my application > >> >> >>> iam in need of retriving the certificate stored at the server and > >> >> >>> to > >> >> >>> validate the identity of the server. > >> >> >>> my sever is winn.mygdc.com and it's a apache web server. > >> >> >>> is there any options available in the .net to attain this. > >> >> >>> please help me regarding this issue. > >> >> >>> > >> >> >>> thanx in advance > >> >> >>> > >> >> >>> regards > >> >> >>> bharathi > >> > > > I was just checking around with this and there appears to be an even easier
way to do this in .NET 2.0 than implement ICertificatePolicy. The ServicePointManager class now has a ServerCertificateVerificationCallback which is a delegate type. Just define a method with the same signature as the delegate and assign it to the ServicePointManager using AddressOf. Then, your function will be called when a HTTPS connection is established. Public Function MyCertificateCallback ( _ sender As Object, _ certificate As X509Certificate, _ chain As X509Chain, _ sslPolicyErrors As SslPolicyErrors _ ) As Boolean 'do something in here. Make sure you return True if you want to allow the request. End Function ServicePointManager.ServerCertificateValidationCallback = AddressOf MyCertificateCallback ICertificatePolicy isn't much more difficult to implement, but it is more useful to use the new delegate as you get the whole cert chain now and a strongly typed enum value for any policy errors instead of a number you have to look up in the Windows API reference. Joe K. -- Show quoteHide quoteJoe Kaplan-MS MVP Directory Services Programming Co-author of "The .NET Developer's Guide to Directory Services Programming" http://www.directoryprogramming.net -- <barathee_r***@yahoo.co.in> wrote in message news:1166414209.700700.58150@n67g2000cwd.googlegroups.com... > hanks joe.. > can u please help me with a example code for ICertificatePolicy.. > > regards > bharathi > > Joe Kaplan wrote: >> The first thing I would do is create an HttpWebRequest that attempts to >> access your server and get the proxies working correctly by configuring >> the >> Proxy property to work they way you need it to in your environment. >> >> Once you can get the HttpWebRequest working and can get a response back, >> then you can just add the ICertificatePolicy stuff. Basically, you just >> create a class that implements ICertificatePolicy, create an instance of >> it >> and then set the CertificatePolicy property on the ServicePointManager to >> the instance of your class. Then, your CheckValidationResult method will >> be >> called and the arguments of that function will contain the server >> certificate. >> >> You might also be able to get your SslStream approach to work by opening >> a >> socket to the proxy server on the proxy server port, but I've never >> messed >> with proxies at the TCP level before, so I don't know. >> >> Joe K. >> >> -- >> Joe Kaplan-MS MVP Directory Services Programming >> Co-author of "The .NET Developer's Guide to Directory Services >> Programming" >> http://www.directoryprogramming.net >> -- >> <barathee_r***@yahoo.co.in> wrote in message >> news:1166172384.981780.275640@f1g2000cwa.googlegroups.com... >> > thanks joe, >> > can u please help me with a code in HttpwebRequest And >> > IcertificatePolicy >> > i have tried with SSlstream and got the certificate >> > but this is using tcp stream >> > i need to use http sream which enales me to pass the request throug the >> > httpproxy >> > >> > please help me witha sample code >> > >> > regards >> > bharathi >> > >> > Joe Kaplan wrote: >> >> What have you tried so far? Do you want an example with SslStream or >> >> with >> >> HttpWebRequest and ICertificatePolicy? What language? >> >> >> >> I think it might be better if you just try one of the samples for >> >> SslStream >> >> first to see if you can make any progress with it. >> >> >> >> Joe K. >> >> >> >> -- >> >> Joe Kaplan-MS MVP Directory Services Programming >> >> Co-author of "The .NET Developer's Guide to Directory Services >> >> Programming" >> >> http://www.directoryprogramming.net >> >> -- >> >> <barathee_r***@yahoo.co.in> wrote in message >> >> news:1165811039.566705.236830@73g2000cwn.googlegroups.com... >> >> > thanks for ur reply >> >> > can u please help me with a sample code... >> >> > >> >> > regards >> >> > bharathi >> >> > >> >> > Dominick Baier wrote: >> >> >> As Joe already pointed out - use SSL - thats an easy and standard >> >> >> way >> >> >> to >> >> >> get a server certificate for validation and authentication. >> >> >> >> >> >> You even have more control over the whole process by using the >> >> >> SslStream >> >> >> class in .NET 2.0 >> >> >> >> >> >> All other ways would involve an apache/OS specific way to transfer >> >> >> the >> >> >> cert >> >> >> to the client... >> >> >> >> >> >> ----- >> >> >> Dominick Baier (http://www.leastprivilege.com) >> >> >> >> >> >> > thank for ur reponse >> >> >> > actually i want to get the certificate stored at the server and >> >> >> > to >> >> >> > validate it >> >> >> > ho to get the certificate in my server is there any function? >> >> >> > please help me regarding issue... >> >> >> > >> >> >> > regards >> >> >> > bharathi >> >> >> > Joe Kaplan wrote: >> >> >> > >> >> >> >> Are you using SSL? It takes care of that for you. If you want >> >> >> >> to >> >> >> >> do >> >> >> >> something programmatic involving SSL and HTTP, use the >> >> >> >> HttpWebRequest >> >> >> >> class in .NET to access the Apache server. If you want to get >> >> >> >> details of the server's certificate, you can create an instance >> >> >> >> of >> >> >> >> a >> >> >> >> class that implements ICertificatePolicy and use the >> >> >> >> CheckValidationResult to get the server's certificate during the >> >> >> >> SSL >> >> >> >> handshake and check to see if it is valid. >> >> >> >> >> >> >> >> HTH, >> >> >> >> >> >> >> >> Joe K. >> >> >> >> >> >> >> >> -- >> >> >> >> Joe Kaplan-MS MVP Directory Services Programming >> >> >> >> Co-author of "The .NET Developer's Guide to Directory Services >> >> >> >> Programming" >> >> >> >> http://www.directoryprogramming.net >> >> >> >> -- >> >> >> >> <barathee_r***@yahoo.co.in> wrote in message >> >> >> >> news:1165398418.770961.98240@80g2000cwy.googlegroups.com... >> >> >> >>> hi, >> >> >> >>> am bharathi currently working in .net platform,in my >> >> >> >>> application >> >> >> >>> iam in need of retriving the certificate stored at the server >> >> >> >>> and >> >> >> >>> to >> >> >> >>> validate the identity of the server. >> >> >> >>> my sever is winn.mygdc.com and it's a apache web server. >> >> >> >>> is there any options available in the .net to attain this. >> >> >> >>> please help me regarding this issue. >> >> >> >>> >> >> >> >>> thanx in advance >> >> >> >>> >> >> >> >>> regards >> >> >> >>> bharathi >> >> > >> > > 
Other interesting topics
Permissions on Event Log?
Newbie Security Question Is there a limit to number record returned from AD serach to a dat Creating Authorization Manager Store through Code Encrypt Email with Certificate Natively in .Net what NewsGroup tools do you use? Signing a .NET Application TripleDESCryptoServiceProvider - Secret Key Length permission problems Authorization Manager Problem |
|||||||||||||||||||||||
