SSL FORM POST with Client Certificate from ASP.net

Discussion in 'ASP .Net Security' started by Aung, Oct 9, 2003.

  1. Aung

    Aung Guest

    I have a class written to perform a FORM POST with a client certificate, and it
    works fine from a Windows application.
    But I am having trouble using it from an ASP.NET application: every time, I
    get a "connection cannot be established" error.

    Any help?

    Aung


    Here is the code of my FORM POST class.

    //************************************

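    /// <summary>
    /// Server-certificate policy consulted for outgoing HTTPS requests once it is
    /// assigned to <c>ServicePointManager.CertificatePolicy</c>.
    /// </summary>
    /// <remarks>
    /// The previous implementation returned <c>true</c> for every certificate, so an
    /// expired, name-mismatched or untrusted server certificate was accepted and the
    /// TLS connection gave no assurance about who received the POST. The policy now
    /// accepts a certificate only when no validation problem was reported.
    /// If a test server with a private CA must be reached, install that CA in the
    /// machine's trusted roots instead of relaxing this check.
    /// </remarks>
    public class CertPolicy : ICertificatePolicy
    {
        /// <summary>
        /// Decides whether the server certificate of a connection is acceptable.
        /// </summary>
        /// <param name="sp">Service point the connection belongs to (not inspected).</param>
        /// <param name="cert">Certificate presented by the server (not inspected).</param>
        /// <param name="request">Request being sent (not inspected).</param>
        /// <param name="problem">Validation problem code; 0 means no problem was found.</param>
        /// <returns><c>true</c> only when <paramref name="problem"/> is 0.</returns>
        public bool CheckValidationResult(ServicePoint sp, X509Certificate cert,
            WebRequest request, int problem)
        {
            // Any non-zero code is a failed validation (expired, wrong host name,
            // untrusted root, ...) and must reject the connection.
            return problem == 0;
        }
    }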

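    /// <summary>
    /// Helper that turns the request body into the bytes written to the wire.
    /// </summary>
    public class myclass
    {
        /// <summary>
        /// Encodes <paramref name="str"/> as UTF-8.
        /// </summary>
        /// <remarks>
        /// The posted listing lost its <c>[i]</c> indexers (it assigned a byte to the
        /// whole array and did not compile). The per-character <c>Convert.ToByte</c>
        /// it intended throws <see cref="System.OverflowException"/> for any character
        /// above U+00FF and emits Latin-1 for U+0080..U+00FF, which contradicts the
        /// <c>charset=utf-8</c> the request declares. Encoding with UTF-8 yields the
        /// same bytes for ASCII input and correct bytes for everything else.
        /// </remarks>
        /// <param name="str">Text to encode; must not be null.</param>
        /// <returns>The UTF-8 encoding of <paramref name="str"/>, without a byte-order mark.</returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="str"/> is null.</exception>
        public byte[] str2ByteArray(string str)
        {
            return System.Text.Encoding.UTF8.GetBytes(str);
        }
    }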

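    /// <summary>
    /// POSTs <paramref name="postData"/> to <paramref name="url"/> as
    /// <c>application/xml; charset=utf-8</c>, presenting a client certificate,
    /// and returns the response body.
    /// </summary>
    /// <param name="url">Address the request is sent to.</param>
    /// <param name="postData">Request body; <c>null</c> sends an empty body.</param>
    /// <returns>
    /// The response body with surrounding whitespace trimmed. On any failure the
    /// exception message is returned instead, so callers cannot tell an error from
    /// a response by type alone.
    /// </returns>
    public string postData(string url, string postData)
    {
        string retStr = "";
        HttpWebResponse result = null;
        try
        {
            HttpWebRequest req = (HttpWebRequest) WebRequest.Create(url);
            req.Method = "POST";
            req.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET CLR 1.0.3705)";
            req.ContentType = "application/xml; charset=utf-8";
            req.KeepAlive = true;
            req.Timeout = 5000;

            // CreateFromCertFile loads only the certificate itself; a .der file holds
            // no private key. For the TLS handshake the matching private key has to be
            // in a certificate store that the account running this code can read,
            // which is the difference between a desktop user and the ASP.NET worker
            // account. The certificate is added once (the original added it twice to
            // the same collection).
            X509Certificate myCert = X509Certificate.CreateFromCertFile(@"c:\ccer.der");
            req.ClientCertificates.Add(myCert);

            // NOTE(review): this assignment is process-wide, not per request. Whatever
            // CertPolicy accepts is accepted for every HTTPS request made by the
            // process, so CertPolicy must reject certificates that carry a non-zero
            // problem code, and the policy is better installed once at start-up.
            ServicePointManager.CertificatePolicy = new CertPolicy();

            // ContentLength is set only after the null check; the original read
            // postData.Length first and so threw for a null body before reaching
            // the branch meant to handle it.
            if (postData != null)
            {
                myclass mc = new myclass();
                byte[] postBytes = mc.str2ByteArray(postData);
                req.ContentLength = postBytes.Length;
                using (Stream newStream = req.GetRequestStream())
                {
                    newStream.Write(postBytes, 0, postBytes.Length);
                }
            }
            else
            {
                req.ContentLength = 0;
            }

            result = (HttpWebResponse) req.GetResponse();
            using (StreamReader sr = new StreamReader(result.GetResponseStream(),
                System.Text.Encoding.GetEncoding("utf-8")))
            {
                // Trim() returns a new string; the original discarded its result.
                retStr = sr.ReadToEnd().Trim();
            }
        }
        catch (Exception e)
        {
            // Kept for existing callers: the failure text becomes the return value.
            retStr = e.Message;
        }
        finally
        {
            if (result != null)
            {
                result.Close();
            }
        }
        return retStr;
    }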
    Aung, Oct 9, 2003
    #1

  2. Hi Aung,

    Move the code that performs the post to a serviced component. Configure the
    component to run under the account that installed the client
    certificate. It should work fine.

    Subra
    "Aung" <> wrote in message
    news:...
    > I have a class written to perform FORM POST with Client Certificate and it
    > works fine with Windows Appication.
    > But, I am having trouble using it from ASP.NET application and everytime i
    > am getting "connection cannot be established" error.
    >
    > Any help?
    >
    > Aung
    >
    >
    > Here is the code of my FOR POST class.
    >
    > //************************************
    >
    > public class CertPolicy : ICertificatePolicy
    > {
    > public bool CheckValidationResult(ServicePoint sp, X509Certificate

    cert,
    > WebRequest request, int problem)
    > {
    > return true;
    > }
    > }
    >
    > public class myclass
    > {
    > public byte[] str2ByteArray(string str)
    > {
    > byte[] barr = new byte[str.Length];
    > for (int i=0; i<str.Length; i++)
    > {
    > barr = Convert.ToByte(str);
    > }
    > return barr;
    > }
    > }
    >
    > public string postData(string url, string postData)
    > {
    > string retStr="", tempStr = "";
    > HttpWebResponse result = null;
    > try
    > {
    > HttpWebRequest req = (HttpWebRequest) WebRequest.Create(url);
    > req.Method = "POST";
    > req.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;

    ..NET
    > CLR 1.0.3705)";
    > req.ContentType = "application/xml; charset=utf-8";
    > //req.Headers.Add("charset","utf-8");
    > req.ContentLength = postData.Length;
    > req.KeepAlive = true;
    > req.Timeout = 5000;
    >
    > X509Certificate myCert =
    > X509Certificate.CreateFromCertFile(@"c:\ccer.der");
    > X509CertificateCollection x509 = req.ClientCertificates;
    > x509.Add (myCert);
    > req.ClientCertificates.Add(myCert);
    > ServicePointManager.CertificatePolicy = new CertPolicy();
    >
    >
    > byte[] postBytes = null;
    >
    > if (postData != null)
    > {
    > myclass mc = new myclass();
    > postBytes = mc.str2ByteArray(postData);
    > req.ContentLength = postBytes.Length;
    > Stream newStream = req.GetRequestStream();
    > newStream.Write(postBytes, 0, postBytes.Length);
    > newStream.Close();
    > }
    > else
    > {
    > req.ContentLength = 0;
    > }
    >
    > result = (HttpWebResponse) req.GetResponse();
    > Stream ReceiveStream = result.GetResponseStream();
    > Encoding encode = System.Text.Encoding.GetEncoding("utf-8");
    > StreamReader sr = new StreamReader( ReceiveStream, encode );
    > Char[] read = new Char[256];
    > int count = sr.Read( read, 0, 256 );
    >
    > while (count > 0)
    > {
    > tempStr = new String(read, 0, count);
    > retStr += tempStr;
    > count = sr.Read(read, 0, 256);
    > }
    > retStr.Trim();
    > }
    > catch (Exception e)
    > {
    > retStr = e.Message.ToString();
    > }
    > finally
    > {
    > if ( result != null )
    > {
    > result.Close();
    > }
    > }
    > return retStr;
    > }
    >
    >
    >
    >
    Subra Mallampalli, Oct 9, 2003
    #2

  3. Aung:
    Apply the ASP.NET hotfix (v1.0 http://support.microsoft.com/?id=817854).
    There is a hot fix for v1.1 and Windows 2003 as well.
    Then give the ASPNET account access to the store with a tool like
    winhttpcertcfg. With this approach you do not need to create a serviced
    component.

    Hope that helps, if you need more help just drop me a line. I have a doc on
    the issue as well.

    Thanks,

    Norm.


    "Aung" <> wrote in message
    news:...
    > I have a class written to perform FORM POST with Client Certificate and it
    > works fine with Windows Appication.
    > But, I am having trouble using it from ASP.NET application and everytime i
    > am getting "connection cannot be established" error.
    >
    > Any help?
    >
    > Aung
    >
    >
    > Here is the code of my FOR POST class.
    >
    > //************************************
    >
    > public class CertPolicy : ICertificatePolicy
    > {
    > public bool CheckValidationResult(ServicePoint sp, X509Certificate

    cert,
    > WebRequest request, int problem)
    > {
    > return true;
    > }
    > }
    >
    > public class myclass
    > {
    > public byte[] str2ByteArray(string str)
    > {
    > byte[] barr = new byte[str.Length];
    > for (int i=0; i<str.Length; i++)
    > {
    > barr = Convert.ToByte(str);
    > }
    > return barr;
    > }
    > }
    >
    > public string postData(string url, string postData)
    > {
    > string retStr="", tempStr = "";
    > HttpWebResponse result = null;
    > try
    > {
    > HttpWebRequest req = (HttpWebRequest) WebRequest.Create(url);
    > req.Method = "POST";
    > req.UserAgent = "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;

    ..NET
    > CLR 1.0.3705)";
    > req.ContentType = "application/xml; charset=utf-8";
    > //req.Headers.Add("charset","utf-8");
    > req.ContentLength = postData.Length;
    > req.KeepAlive = true;
    > req.Timeout = 5000;
    >
    > X509Certificate myCert =
    > X509Certificate.CreateFromCertFile(@"c:\ccer.der");
    > X509CertificateCollection x509 = req.ClientCertificates;
    > x509.Add (myCert);
    > req.ClientCertificates.Add(myCert);
    > ServicePointManager.CertificatePolicy = new CertPolicy();
    >
    >
    > byte[] postBytes = null;
    >
    > if (postData != null)
    > {
    > myclass mc = new myclass();
    > postBytes = mc.str2ByteArray(postData);
    > req.ContentLength = postBytes.Length;
    > Stream newStream = req.GetRequestStream();
    > newStream.Write(postBytes, 0, postBytes.Length);
    > newStream.Close();
    > }
    > else
    > {
    > req.ContentLength = 0;
    > }
    >
    > result = (HttpWebResponse) req.GetResponse();
    > Stream ReceiveStream = result.GetResponseStream();
    > Encoding encode = System.Text.Encoding.GetEncoding("utf-8");
    > StreamReader sr = new StreamReader( ReceiveStream, encode );
    > Char[] read = new Char[256];
    > int count = sr.Read( read, 0, 256 );
    >
    > while (count > 0)
    > {
    > tempStr = new String(read, 0, count);
    > retStr += tempStr;
    > count = sr.Read(read, 0, 256);
    > }
    > retStr.Trim();
    > }
    > catch (Exception e)
    > {
    > retStr = e.Message.ToString();
    > }
    > finally
    > {
    > if ( result != null )
    > {
    > result.Close();
    > }
    > }
    > return retStr;
    > }
    >
    >
    >
    >
    Norman Headlam, Oct 23, 2003
    #3
