using .p12 and K509 in NET 1.1

Discussion in 'ASP .Net Security' started by Steve Harris TriRidium, Aug 10, 2006.

  1. Hi,

    We are trying to use a P12 certificate to access a secure website using .NET
    1.1

    We have installed the cert and exported it as an X509.

    We have also used the winhttpcertcfg utility to add IWAM permissions for it.

    We have then programmatically added an X509Certificate object to the
    System.Web.Services.Protocols.SoapHttpClientProtocol object we are using

    We know .NET 2.0 has better support for X509, but does anybody know of a
    hack or an example or an API that can use X509/P12 programmatically?

    All of the above efforts have failed. We know that in Java we can use the
    keystore to store and retrieve the .P12 cert and attach it programmatically
    that way.


    Thanks and regards
     
    Steve Harris TriRidium, Aug 10, 2006
    #1
    1. Advertising

  2. Hello!
    You wrote on Thu, 10 Aug 2006 08:50:03 -0700:

    SHT> We know .NET 2.0 has better support for X509, but does anybody know of
    SHT> a hack or an example or an API that can use X509/P12 programmatically?

    You can check PKIBlackbox ( http://www.eldos.com/sbb/desc-pki.php )

    With best regards,
    Eugene Mayevski
    http://www.SecureBlackbox.com - the comprehensive component suite for
    network security
     
    Eugene Mayevski, Aug 11, 2006
    #2
    1. Advertising

  3. Normally, you need to get the cert installed on the machine with the private
    key installed in the right key store. You also need to make sure that the
    service account that is running at the time has access to the key.
    Typically, the easiest way to do this is to import the certificate via the
    P12 with the private key into the machine store.

    If necessary, you may need to change the ACL on the private key file such
    that the process that is executing has read access. This can be a pain, but
    the easiest way to diagnose an error with permissions like this is to just
    run the code with filemon running and look for what triggers an access
    denied message. Then, change the ACL on the resource and repeat until it
    works. :)

    Unfortunately, the HttpWebRequest doesn't have a straightforward way to use
    a private key stored in a file. In fact, when you pass in the client
    certificate to use, it just uses that certificate to look up the certificate
    in the available certificate stores to find the private key.

    HTH,

    Joe K.

    --
    Joe Kaplan-MS MVP Directory Services Programming
    Co-author of "The .NET Developer's Guide to Directory Services Programming"
    http://www.directoryprogramming.net
    --
    "Steve Harris TriRidium" <> wrote
    in message news:...
    > Hi,
    >
    > We are trying to use a P12 certificate to access a secure website using
    > .NET
    > 1.1
    >
    > We have installed the cert and exported it as an X509.
    >
    > We have also used the winhttpcertcfg utility to add IWAM permissions for
    > it.
    >
    > We have then programmatically added an X509Certificate object to the
    > System.Web.Services.Protocols.SoapHttpClientProtocol object we are using
    >
    > We know .NET 2.0 has better support for X509, but does anybody know of a
    > hack or an example or an API that can use X509/P12 programmatically?
    >
    > All of the above efforts have failed. We know that in Java we can use the
    > keystore to store and retrieve the .P12 cert and attach it
    > programmatically
    > that way.
    >
    >
    > Thanks and regards
    >
     
    Joe Kaplan \(MVP - ADSI\), Aug 12, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Veeresh
    Replies:
    3
    Views:
    440
    Veeresh
    Jul 10, 2004
  2. =?Utf-8?B?R3VydQ==?=

    p12 certificate in .net

    =?Utf-8?B?R3VydQ==?=, Oct 16, 2004, in forum: ASP .Net
    Replies:
    0
    Views:
    606
    =?Utf-8?B?R3VydQ==?=
    Oct 16, 2004
  3. Sam Steiner via .NET 247

    calling web service per SSL .p12 file

    Sam Steiner via .NET 247, Aug 31, 2004, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    317
    Sam Steiner via .NET 247
    Aug 31, 2004
  4. charlief1975

    Consuming a secure webservice using x509 cert (p12)

    charlief1975, May 19, 2005, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    163
    charlief1975
    May 19, 2005
  5. Urabe Shyouhei

    Ruby 1.8.5-p12 released

    Urabe Shyouhei, Dec 25, 2006, in forum: Ruby
    Replies:
    3
    Views:
    119
    Nicolas Desprès
    Feb 4, 2007
Loading...

Share This Page