Creating & Distibuting X509 Client Certificates

[Pete]

Hi,
As part of a commerce site I'd like to generate Client Browser
Certificates for users to install and give access to some protected
resources.

I'm guessing I can use the .NET X509Certificate class to create a user's
certificate, but how do I create the initial .cer request file?

Also if I create the cerificate on the server using the
X509Certificate.CreateFromCertFile will be all that is required for the
certifcate to become active?

thanks

Pete

 

[Pete]

Finally came up with

public string CreateClientCertificate(string a_sName, string a_sEmail,
string a_sCompany, string a_sDepartment, string a_sCity, string a_sState,
string a_sCountry, string a_sCA)

{

CERTCLIENTLib.CCertRequestClass cr = new CERTCLIENTLib.CCertRequestClass();

XENROLLLib.CEnrollClass ce = new XENROLLLib.CEnrollClass();


try

{

//Create the request

string strDN = "CN=" + a_sName;

strDN = strDN + ",O=" + a_sCompany;

strDN = strDN + ",OU=" + a_sDepartment;

strDN = strDN + ",L=" + a_sCity;

strDN = strDN + ",S=" + a_sState;

strDN = strDN + ",C=" + a_sCountry;

strDN = strDN + ",E=" + a_sEmail;


//Encode the request (1.3.6.1.4.1.311.2.1.21) represents a client-browser
certificate

strDN = ce.createPKCS10(strDN,"1.3.6.1.4.1.311.2.1.21");

//Submit the request to the CA

int iResult = cr.Submit(0x100 | 0x1 ,strDN,"",a_sCA);

//Get it back out again

string s = cr.GetCertificate(iResult);

return s;

}

catch(Exception e)

{

return "";

}

}





--
Cheers

Pete

XBOX Live Leagues & Tournaments
http://www.xboxracing.net/