asp.net client cert issue

Discussion in 'ASP .Net' started by Param R., Jan 2, 2005.

  1. Param R.

    Param R. Guest

    Hi all, I have an aspx page that needs to call a remote website that is
    protected by client cert authentication. I have installed the client cert
    and set permissions for IIS_WPG as per
    http://support.microsoft.com/default.aspx?scid=kb;en-us;817854. I then
    exported the cert to a DER encoded file.

    Now here is my code:-

    Dim h as httpwebrequest
    h = Ctype(WebRequest.Create(strurl), httpwebrequest)

    Dim mycert as X509Certificate =
    X509Certificate.CreateFromCertFile("c:\inetpub\wwwroot\mycert.cer")
    h.clientcertificates.add(mycert)

    h.contenttype = "text/xml"
    h.method = "POST"
    h.contentlength = len(strbody)

    Dim s as stream = h.getrequeststream()
    Dim sw as new streamwriter(s)
    sw.write(strbody)
    sw.close()

    Dim hr as httpwebresponse = Ctype(h.getresponse(), httpwebresponse)
    Dim s2 as stream = hr.getresponsestream()
    Dim sr as new streamreader(s2)
    returnstr = sr.readtoend()
    sr.close()

    Now here is the error I am getting back:-

    The underlying connection was closed: Could not establish secure channel for
    SSL/TLS.

    Any Ideas? Please help. The same code works for a page that is not protected
    by Client Certs.

    thanks!
     
    Param R., Jan 2, 2005
    #1
    1. Advertising

  2. Param R.

    Param R. Guest

    BTW, the server is 2003 with .net 1.1 sp1 installed.

    thanks!

    "Param R." <> wrote in message
    news:%...
    > Hi all, I have an aspx page that needs to call a remote website that is
    > protected by client cert authentication. I have installed the client cert
    > and set permissions for IIS_WPG as per
    > http://support.microsoft.com/default.aspx?scid=kb;en-us;817854. I then
    > exported the cert to a DER encoded file.
    >
    > Now here is my code:-
    >
    > Dim h as httpwebrequest
    > h = Ctype(WebRequest.Create(strurl), httpwebrequest)
    >
    > Dim mycert as X509Certificate =
    > X509Certificate.CreateFromCertFile("c:\inetpub\wwwroot\mycert.cer")
    > h.clientcertificates.add(mycert)
    >
    > h.contenttype = "text/xml"
    > h.method = "POST"
    > h.contentlength = len(strbody)
    >
    > Dim s as stream = h.getrequeststream()
    > Dim sw as new streamwriter(s)
    > sw.write(strbody)
    > sw.close()
    >
    > Dim hr as httpwebresponse = Ctype(h.getresponse(), httpwebresponse)
    > Dim s2 as stream = hr.getresponsestream()
    > Dim sr as new streamreader(s2)
    > returnstr = sr.readtoend()
    > sr.close()
    >
    > Now here is the error I am getting back:-
    >
    > The underlying connection was closed: Could not establish secure channel
    > for SSL/TLS.
    >
    > Any Ideas? Please help. The same code works for a page that is not
    > protected by Client Certs.
    >
    > thanks!
    >
    >
    >
    >
     
    Param R., Jan 2, 2005
    #2
    1. Advertising

  3. Try

    h.ContentType = "application/x-www-form-urlencoded";

    Eliyahu

    "Param R." <> wrote in message
    news:%...
    > Hi all, I have an aspx page that needs to call a remote website that is
    > protected by client cert authentication. I have installed the client cert
    > and set permissions for IIS_WPG as per
    > http://support.microsoft.com/default.aspx?scid=kb;en-us;817854. I then
    > exported the cert to a DER encoded file.
    >
    > Now here is my code:-
    >
    > Dim h as httpwebrequest
    > h = Ctype(WebRequest.Create(strurl), httpwebrequest)
    >
    > Dim mycert as X509Certificate =
    > X509Certificate.CreateFromCertFile("c:\inetpub\wwwroot\mycert.cer")
    > h.clientcertificates.add(mycert)
    >
    > h.contenttype = "text/xml"
    > h.method = "POST"
    > h.contentlength = len(strbody)
    >
    > Dim s as stream = h.getrequeststream()
    > Dim sw as new streamwriter(s)
    > sw.write(strbody)
    > sw.close()
    >
    > Dim hr as httpwebresponse = Ctype(h.getresponse(), httpwebresponse)
    > Dim s2 as stream = hr.getresponsestream()
    > Dim sr as new streamreader(s2)
    > returnstr = sr.readtoend()
    > sr.close()
    >
    > Now here is the error I am getting back:-
    >
    > The underlying connection was closed: Could not establish secure channel

    for
    > SSL/TLS.
    >
    > Any Ideas? Please help. The same code works for a page that is not

    protected
    > by Client Certs.
    >
    > thanks!
    >
    >
    >
    >
     
    Eliyahu Goldin, Jan 2, 2005
    #3
  4. Param R.

    Joerg Jooss Guest

    Param R. wrote:
    > Hi all, I have an aspx page that needs to call a remote website that
    > is protected by client cert authentication. I have installed the
    > client cert and set permissions for IIS_WPG as per
    > http://support.microsoft.com/default.aspx?scid=kb;en-us;817854. I then
    > exported the cert to a DER encoded file.
    >
    > Now here is my code:-
    >
    > Dim h as httpwebrequest
    > h = Ctype(WebRequest.Create(strurl), httpwebrequest)
    >
    > Dim mycert as X509Certificate =
    > X509Certificate.CreateFromCertFile("c:\inetpub\wwwroot\mycert.cer")
    > h.clientcertificates.add(mycert)
    >
    > h.contenttype = "text/xml"
    > h.method = "POST"
    > h.contentlength = len(strbody)
    >
    > Dim s as stream = h.getrequeststream()
    > Dim sw as new streamwriter(s)
    > sw.write(strbody)
    > sw.close()
    >
    > Dim hr as httpwebresponse = Ctype(h.getresponse(), httpwebresponse)
    > Dim s2 as stream = hr.getresponsestream()
    > Dim sr as new streamreader(s2)
    > returnstr = sr.readtoend()
    > sr.close()
    >
    > Now here is the error I am getting back:-
    >
    > The underlying connection was closed: Could not establish secure
    > channel for SSL/TLS.
    >
    > Any Ideas? Please help. The same code works for a page that is not
    > protected by Client Certs.


    Either the server-side rejected your policy or your current
    ICertificatePolicy rejected the server certificate. Verify that both certs
    are OK.

    Cheers,

    --
    Joerg Jooss
    www.joergjooss.de
     
    Joerg Jooss, Jan 3, 2005
    #4
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?TGVubg==?=

    SSL Webservice, makecert.exe cert issue

    =?Utf-8?B?TGVubg==?=, Aug 30, 2005, in forum: ASP .Net
    Replies:
    0
    Views:
    727
    =?Utf-8?B?TGVubg==?=
    Aug 30, 2005
  2. hepsubah
    Replies:
    2
    Views:
    751
    hepsubah
    Aug 28, 2007
  3. Roman Pereyaslavsky

    Client-side Cert Web application problem

    Roman Pereyaslavsky, Aug 14, 2003, in forum: ASP .Net Security
    Replies:
    1
    Views:
    125
    Tom Clark
    Aug 15, 2003
  4. David Chan via .NET 247
    Replies:
    1
    Views:
    350
    Dominick Baier [DevelopMentor]
    Jun 2, 2005
  5. Lenn

    SSL Webservice, makecert.exe cert issue

    Lenn, Aug 30, 2005, in forum: ASP .Net Security
    Replies:
    1
    Views:
    219
    Dominick Baier [DevelopMentor]
    Aug 30, 2005
Loading...

Share This Page