Client-side Cert Web application problem

Discussion in 'ASP .Net Security' started by Roman Pereyaslavsky, Aug 14, 2003.

  1. I had the same problem about a year ago. I currently don't
    have a link to the article, but there's one on MSDN (I
    think it's part of a book "Implementing Secure ASP.Net
    Applications" or something like that). It has even a
    source code example in C# how to do it. In short - you'll
    need to create a COM+ component that will do the actual
    connection. That COM+ component will run under specific
    user profile. You have to load a valid Client Certificate
    into that user Personal Certificate store and than extract
    a public key out of it. You'll be using this public key to
    access the Client Certificate in that user's personal
    store. At run time COM+ component loads the user profile
    and at that point it can access this user's personal
    certificate store. Than you need to use the Cryptography
    libraries from .NET to add X509Certificate to your
    HTTPWebRequest object before connecting. You also might
    need to send your public key to the server for it to be
    installed if the server want to allow only certain
    certificates to access it.


    >-----Original Message-----
    >Hi all,
    >I'm trying to progamaticly connect to a website through a

    httpwebrequest.
    >The remote site requires a client side cert to be

    installed. I have
    >completed a command line a C# program that performs this

    task just fine.
    >When I move the functionality into a dotnet website, I

    get a 403 error from
    >the remote server. I've changed the iis login for

    anonymous access to the
    >user that the cert was installed for. At this point I'm

    at a loss for where
    >or what to try next. If anyone has any experince doing

    this I would
    >appreciate the input.
    >
    >Thanks again,
    >Tom Clark
    >
    >
    >.
    >
    Roman Pereyaslavsky, Aug 14, 2003
    #1
    1. Advertising

  2. Roman Pereyaslavsky

    Tom Clark Guest

    Thanks Roman,
    That is exactly what I'm doing. But I'm having trouble getting the user
    profile to load under my serviced component. I've got a pretty good how
    to on creating the serviced component, but I'm doing something wrong.

    Thanks,
    Tom Clark



    *** Sent via Developersdex http://www.developersdex.com ***
    Don't just participate in USENET...get rewarded for it!
    Tom Clark, Aug 15, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Boss302
    Replies:
    0
    Views:
    1,035
    Boss302
    Nov 21, 2006
  2. hepsubah
    Replies:
    2
    Views:
    744
    hepsubah
    Aug 28, 2007
  3. Bogdan
    Replies:
    2
    Views:
    644
    Bogdan
    Jun 9, 2008
  4. David Chan via .NET 247
    Replies:
    1
    Views:
    338
    Dominick Baier [DevelopMentor]
    Jun 2, 2005
  5. gardavis
    Replies:
    0
    Views:
    244
    gardavis
    Jul 2, 2004
Loading...

Share This Page