Creating & Distibuting X509 Client Certificates

Discussion in 'ASP .Net Security' started by Pete, Dec 8, 2003.

  1. Pete

    Pete Guest

    Hi,
    As part of a commerce site I'd like to generate Client Browser
    Certificates for users to install and give access to some protected
    resources.

    I'm guessing I can use the .NET X509Certificate class to create a user's
    certificate, but how do I create the initial .cer request file?

    Also if I create the cerificate on the server using the
    X509Certificate.CreateFromCertFile will be all that is required for the
    certifcate to become active?

    thanks

    Pete
     
    Pete, Dec 8, 2003
    #1
    1. Advertising

  2. Pete

    Pete Guest

    Finally came up with

    public string CreateClientCertificate(string a_sName, string a_sEmail,
    string a_sCompany, string a_sDepartment, string a_sCity, string a_sState,
    string a_sCountry, string a_sCA)

    {

    CERTCLIENTLib.CCertRequestClass cr = new CERTCLIENTLib.CCertRequestClass();

    XENROLLLib.CEnrollClass ce = new XENROLLLib.CEnrollClass();


    try

    {

    //Create the request

    string strDN = "CN=" + a_sName;

    strDN = strDN + ",O=" + a_sCompany;

    strDN = strDN + ",OU=" + a_sDepartment;

    strDN = strDN + ",L=" + a_sCity;

    strDN = strDN + ",S=" + a_sState;

    strDN = strDN + ",C=" + a_sCountry;

    strDN = strDN + ",E=" + a_sEmail;


    //Encode the request (1.3.6.1.4.1.311.2.1.21) represents a client-browser
    certificate

    strDN = ce.createPKCS10(strDN,"1.3.6.1.4.1.311.2.1.21");

    //Submit the request to the CA

    int iResult = cr.Submit(0x100 | 0x1 ,strDN,"",a_sCA);

    //Get it back out again

    string s = cr.GetCertificate(iResult);

    return s;

    }

    catch(Exception e)

    {

    return "";

    }

    }





    --
    Cheers

    Pete

    XBOX Live Leagues & Tournaments
    http://www.xboxracing.net/
    "Pete" <pete denness a-t qsadotcodotuk> wrote in message
    news:...
    > Hi,
    > As part of a commerce site I'd like to generate Client Browser
    > Certificates for users to install and give access to some protected
    > resources.
    >
    > I'm guessing I can use the .NET X509Certificate class to create a user's
    > certificate, but how do I create the initial .cer request file?
    >
    > Also if I create the cerificate on the server using the
    > X509Certificate.CreateFromCertFile will be all that is required for the
    > certifcate to become active?
    >
    > thanks
    >
    > Pete
    >
    >
     
    Pete, Dec 9, 2003
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. paxtra
    Replies:
    0
    Views:
    412
    paxtra
    Aug 17, 2006
  2. LosManos
    Replies:
    2
    Views:
    643
    Peter Foot [MVP]
    Jan 28, 2006
  3. Keyset does not exist X509Certificate

    Keyset does not exist at Microsoft.Web.Services.Security.X509.X509

    Keyset does not exist X509Certificate, Jun 12, 2004, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    215
    Keyset does not exist X509Certificate
    Jun 12, 2004
  4. n33470

    Are SSL certificates and x.509 certificates the same?

    n33470, Dec 14, 2005, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    193
    n33470
    Dec 14, 2005
  5. Replies:
    0
    Views:
    405
Loading...

Share This Page