Using X509 Certificates to access a Web Service from Windows Mobile?

Discussion in 'ASP .Net Security' started by LosManos, Jan 26, 2006.

  1. LosManos

    LosManos Guest

    I am stuck with a .Net Compact Framework 2.0 application in Windows Mobile
    5.0. The application uses a web service developed in .Net Framework 2.0 to
    synchronize data with a legacy application. So far, so good.

    The problem is that this communication is to be protected using SSL and a
    X.509 Client Certificate for user authentication. The web service itself is
    not intended to handle the security. Instead PortWise¹ acts as proxy between
    the internet and an internal webserver hosting the web service. This
    transaction is supposed to be transparent.

    [PDA] <--https--> [PortWise] <--http--> [Protected Server]
    foo.asmx foobar.asmx

    I have been reading the documentation för X.509 Certificates in .Net
    Framework and discovered that most examples for version 1.1 are inapplicable
    for .Net Compact Framework 2.0. Several new classes and methods have been
    added to improve certificate handling. Unfortunately they are not available
    in the .Net Compact Framework.

    How can I implement SSL using a X.509 Certificate on the .Net Compact
    Framework client? The certificate (pk7) and it's key have been installed on
    the PDA using CrtImprt². I have succesfully accessed the PortWise-proxy
    using PocketIE so the infrastructure is in place. But the question remains;
    how do I retrieve the stored certificate from the user store using .Net
    Compact Framework? How do I ensure that the certificate is used when calling
    the web service through the PortWise-proxy? WebService.Credentials doesn't
    support X.509 certificates and WebService.ClientCertificates aren't
    available?

    Regards

    ¹ http://www.portwise.com/
    ² http://www.jacco2.dds.nl/networking/crtimprt.html
    LosManos, Jan 26, 2006
    #1
    1. Advertising

  2. Hello,

    For such a mobile device related question, you may post in:

    microsoft.public.pocketpc.developer
    microsoft.public.pocketpc.developer.networking

    You may get more information there. Thanks,

    Luke
    Luke Zhang [MSFT], Jan 27, 2006
    #2
    1. Advertising

  3. This should help with reading certificates from the device, it was built for
    ..NETCF v1.0 but should also work with v2:-
    http://www.inthehand.com/Certificates.aspx

    Peter

    --
    Peter Foot
    Windows Embedded MVP
    www.peterfoot.net | www.inthehand.com

    "LosManos" <> wrote in message
    news:%...
    >I am stuck with a .Net Compact Framework 2.0 application in Windows Mobile
    >5.0. The application uses a web service developed in .Net Framework 2.0 to
    >synchronize data with a legacy application. So far, so good.
    >
    > The problem is that this communication is to be protected using SSL and a
    > X.509 Client Certificate for user authentication. The web service itself
    > is not intended to handle the security. Instead PortWise¹ acts as proxy
    > between the internet and an internal webserver hosting the web service.
    > This transaction is supposed to be transparent.
    >
    > [PDA] <--https--> [PortWise] <--http--> [Protected Server]
    > foo.asmx foobar.asmx
    >
    > I have been reading the documentation för X.509 Certificates in .Net
    > Framework and discovered that most examples for version 1.1 are
    > inapplicable for .Net Compact Framework 2.0. Several new classes and
    > methods have been added to improve certificate handling. Unfortunately
    > they are not available in the .Net Compact Framework.
    >
    > How can I implement SSL using a X.509 Certificate on the .Net Compact
    > Framework client? The certificate (pk7) and it's key have been installed
    > on the PDA using CrtImprt². I have succesfully accessed the PortWise-proxy
    > using PocketIE so the infrastructure is in place. But the question
    > remains; how do I retrieve the stored certificate from the user store
    > using .Net Compact Framework? How do I ensure that the certificate is used
    > when calling the web service through the PortWise-proxy?
    > WebService.Credentials doesn't support X.509 certificates and
    > WebService.ClientCertificates aren't available?
    >
    > Regards
    >
    > ¹ http://www.portwise.com/
    > ² http://www.jacco2.dds.nl/networking/crtimprt.html
    >
    >
    Peter Foot [MVP], Jan 28, 2006
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. paxtra
    Replies:
    0
    Views:
    401
    paxtra
    Aug 17, 2006
  2. chen selina
    Replies:
    0
    Views:
    1,284
    chen selina
    Jul 13, 2010
  3. Pete
    Replies:
    1
    Views:
    287
  4. Keyset does not exist X509Certificate

    Keyset does not exist at Microsoft.Web.Services.Security.X509.X509

    Keyset does not exist X509Certificate, Jun 12, 2004, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    200
    Keyset does not exist X509Certificate
    Jun 12, 2004
  5. Replies:
    0
    Views:
    370
Loading...

Share This Page