using .p12 and K509 in NET 1.1

Steve Harris TriRidium · Aug 10, 2006

Hi,

We are trying to use a P12 certificate to access a secure website using .NET
1.1

We have installed the cert and exported it as an X509.

We have also used the winhttpcertcfg utility to add IWAM permissions for it.

We have then programmatically added an X509Certificate object to the
System.Web.Services.Protocols.SoapHttpClientProtocol object we are using

We know .NET 2.0 has better support for X509, but does anybody know of a
hack or an example or an API that can use X509/P12 programmatically?

All of the above efforts have failed. We know that in Java we can use the
keystore to store and retrieve the .P12 cert and attach it programmatically
that way.

Thanks and regards

Eugene Mayevski · Aug 11, 2006

Hello!
You wrote on Thu, 10 Aug 2006 08:50:03 -0700:

SHT> We know .NET 2.0 has better support for X509, but does anybody know of
SHT> a hack or an example or an API that can use X509/P12 programmatically?

You can check PKIBlackbox ( http://www.eldos.com/sbb/desc-pki.php )

With best regards,
Eugene Mayevski
http://www.SecureBlackbox.com - the comprehensive component suite for
network security

Joe Kaplan \(MVP - ADSI\) · Aug 12, 2006

Normally, you need to get the cert installed on the machine with the private
key installed in the right key store. You also need to make sure that the
service account that is running at the time has access to the key.
Typically, the easiest way to do this is to import the certificate via the
P12 with the private key into the machine store.

If necessary, you may need to change the ACL on the private key file such
that the process that is executing has read access. This can be a pain, but
the easiest way to diagnose an error with permissions like this is to just
run the code with filemon running and look for what triggers an access
denied message. Then, change the ACL on the resource and repeat until it
works.

Unfortunately, the HttpWebRequest doesn't have a straightforward way to use
a private key stored in a file. In fact, when you pass in the client
certificate to use, it just uses that certificate to look up the certificate
in the available certificate stores to find the private key.

HTH,

Joe K.

X509Certificate2 in .NET 1.1	0	May 5, 2006
Net 1.1/2.0 and authentication against oracle	0	May 9, 2010
Digest auth in .net 1.1 and Active Directory	5	Dec 18, 2007
unknown_ca exception when using client certificate in net::https	1	Jul 25, 2010
Different Serialization Technique In .NET	0	Sep 27, 2013
Consuming a secure webservice using x509 cert (p12)	0	May 19, 2005
Error msg when doing client-side authentication	2	Oct 9, 2005
Using .NET 2.0/3.0 component in ASP.NET 1.1	6	Dec 29, 2007

using .p12 and K509 in NET 1.1

Steve Harris TriRidium

Eugene Mayevski

Joe Kaplan \(MVP - ADSI\)

Ask a Question

Similar Threads

Members online

Forum statistics

Latest Threads