x.509 Certificates

Discussion in 'ASP .Net' started by GaryDean, Aug 24, 2008.

  1. GaryDean

    GaryDean Guest

    I have to write an asp.net app that uses a web service requiring x.509
    certificates. Are there any good docs on how to do this both in code and on
    the server. Most of the stuff I'm finding through google is old 1.1 docs.
    I have the certificate.

    --
    Regards,
    Gary Blakely
     
    GaryDean, Aug 24, 2008
    #1
    1. Advertising

  2. Much of that will still work, although another option is to look at WCF docs
    with SOAP as the transport mechanism. The consumption is very similar and it
    may also convince you that WCF is a better model for you, as you can create
    binary contracts for your own consumption, while still leaving the SOAP
    contracts for people outside of your domain.

    --
    Gregory A. Beamer
    MVP, MCP: +I, SE, SD, DBA

    Subscribe to my blog
    http://feeds.feedburner.com/GregoryBeamer#

    or just read it:
    http://feeds.feedburner.com/GregoryBeamer

    ********************************************
    | Think outside the box! |
    ********************************************
    "GaryDean" <> wrote in message
    news:...
    >I have to write an asp.net app that uses a web service requiring x.509
    >certificates. Are there any good docs on how to do this both in code and
    >on the server. Most of the stuff I'm finding through google is old 1.1
    >docs. I have the certificate.
    >
    > --
    > Regards,
    > Gary Blakely
    >
    >
     
    Cowboy \(Gregory A. Beamer\), Aug 25, 2008
    #2
    1. Advertising

  3. Hi Gary,

    As for using Certificate in Webservice, I'd like to confirm the detailed
    problem scenario in your environment.

    Generally, you can use x509 certificate for authentication via using the
    https/ssl transport layer security. For example, you can setup the
    webservice in IIS to se ssl/https. And you can supply certificate in client
    code (if server-side require client to provide certificate). Here are some
    reference article on this:


    #How to call a Web service by using a client certificate for authentication
    in an ASP.NET Web application
    http://support.microsoft.com/?id=901183

    #Using client certificates with ASP.NET
    http://geekswithblogs.net/lorint/archive/2005/12/30/64516.aspx

    If you want to use X509 certificate to perform custom security (such as
    encryption or signing), ASP.NET webservice doesn't directly certificate
    integrity. There is an add-on component called "Web Service Enhancement"
    (so far the latest version is 3.0 for .net framework 2.0). You can use it
    to add certiciate and message layer securityt functionality for your
    Webservice:

    #Security Features in WSE 3.0
    http://msdn.microsoft.com/en-us/magazine/cc300773.aspx

    #Implementing Message Layer Security with X.509 Certificates in WSE 3.0
    http://msdn.microsoft.com/en-us/library/aa480581.aspx

    BTW, will WCF also be a possible option for you as Gregory suggested? So
    far WSE is not updating and WCF provide more support on security such as
    certificate.


    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    Delighting our customers is our #1 priority. We welcome your comments and
    suggestions about how we can improve the support we provide to you. Please
    feel free to let my manager know what you think of the level of service
    provided. You can send feedback directly to my manager at:
    .

    ==================================================
    Get notification to my posts through email? Please refer to
    http://msdn.microsoft.com/en-us/subscriptions/aa948868.aspx#notifications.

    Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
    where an initial response from the community or a Microsoft Support
    Engineer within 1 business day is acceptable. Please note that each follow
    up response may take approximately 2 business days as the support
    professional working with you may need further investigation to reach the
    most efficient resolution. The offering is not appropriate for situations
    that require urgent, real-time or phone-based interactions or complex
    project analysis and dump analysis issues. Issues of this nature are best
    handled working with a dedicated Microsoft Support Engineer by contacting
    Microsoft Customer Support Services (CSS) at
    http://support.microsoft.com/select/default.aspx?target=assistance&ln=en-us.
    ==================================================
    This posting is provided "AS IS" with no warranties, and confers no rights.




    --------------------
    >From: "GaryDean" <>
    >Subject: x.509 Certificates
    >Date: Sun, 24 Aug 2008 13:40:17 -0700


    >
    >I have to write an asp.net app that uses a web service requiring x.509
    >certificates. Are there any good docs on how to do this both in code and

    on
    >the server. Most of the stuff I'm finding through google is old 1.1 docs.
    >I have the certificate.
    >
    >--
    >Regards,
    >Gary Blakely
    >
    >
    >
     
    Steven Cheng [MSFT], Aug 25, 2008
    #3
  4. GaryDean

    GaryDean Guest

    Steven:
    The article 901183 is one of those excellent "how to" articles but, like all
    the others, it is for WSE 2.0. All I can find for WSE 3.0 is MSDN docs and
    a book (that I ordered). Maybe this is the time to jump into WCF. Thanks
    for all these links.

    --
    Regards,
    Gary Blakely
    "Steven Cheng [MSFT]" <> wrote in message
    news:...
    > Hi Gary,
    >
    > As for using Certificate in Webservice, I'd like to confirm the detailed
    > problem scenario in your environment.
    >
    > Generally, you can use x509 certificate for authentication via using the
    > https/ssl transport layer security. For example, you can setup the
    > webservice in IIS to se ssl/https. And you can supply certificate in
    > client
    > code (if server-side require client to provide certificate). Here are some
    > reference article on this:
    >
    >
    > #How to call a Web service by using a client certificate for
    > authentication
    > in an ASP.NET Web application
    > http://support.microsoft.com/?id=901183
    >
    > #Using client certificates with ASP.NET
    > http://geekswithblogs.net/lorint/archive/2005/12/30/64516.aspx
    >
    > If you want to use X509 certificate to perform custom security (such as
    > encryption or signing), ASP.NET webservice doesn't directly certificate
    > integrity. There is an add-on component called "Web Service Enhancement"
    > (so far the latest version is 3.0 for .net framework 2.0). You can use it
    > to add certiciate and message layer securityt functionality for your
    > Webservice:
    >
    > #Security Features in WSE 3.0
    > http://msdn.microsoft.com/en-us/magazine/cc300773.aspx
    >
    > #Implementing Message Layer Security with X.509 Certificates in WSE 3.0
    > http://msdn.microsoft.com/en-us/library/aa480581.aspx
    >
    > BTW, will WCF also be a possible option for you as Gregory suggested? So
    > far WSE is not updating and WCF provide more support on security such as
    > certificate.
    >
    >
    > Sincerely,
    >
    > Steven Cheng
    >
    > Microsoft MSDN Online Support Lead
    >
    >
    > Delighting our customers is our #1 priority. We welcome your comments and
    > suggestions about how we can improve the support we provide to you. Please
    > feel free to let my manager know what you think of the level of service
    > provided. You can send feedback directly to my manager at:
    > .
    >
    > ==================================================
    > Get notification to my posts through email? Please refer to
    > http://msdn.microsoft.com/en-us/subscriptions/aa948868.aspx#notifications.
    >
    > Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
    > where an initial response from the community or a Microsoft Support
    > Engineer within 1 business day is acceptable. Please note that each follow
    > up response may take approximately 2 business days as the support
    > professional working with you may need further investigation to reach the
    > most efficient resolution. The offering is not appropriate for situations
    > that require urgent, real-time or phone-based interactions or complex
    > project analysis and dump analysis issues. Issues of this nature are best
    > handled working with a dedicated Microsoft Support Engineer by contacting
    > Microsoft Customer Support Services (CSS) at
    > http://support.microsoft.com/select/default.aspx?target=assistance&ln=en-us.
    > ==================================================
    > This posting is provided "AS IS" with no warranties, and confers no
    > rights.
    >
    >
    >
    >
    > --------------------
    >>From: "GaryDean" <>
    >>Subject: x.509 Certificates
    >>Date: Sun, 24 Aug 2008 13:40:17 -0700

    >
    >>
    >>I have to write an asp.net app that uses a web service requiring x.509
    >>certificates. Are there any good docs on how to do this both in code and

    > on
    >>the server. Most of the stuff I'm finding through google is old 1.1 docs.
    >>I have the certificate.
    >>
    >>--
    >>Regards,
    >>Gary Blakely
    >>
    >>
    >>

    >
     
    GaryDean, Aug 25, 2008
    #4
  5. Thanks for your reply Gary,

    For WSE 3.0, most of the examples and quick start reference has been
    included in the SDK (document and samples), you can download it and install
    with full version to get them.

    #Web Services Enhancements (WSE) 3.0 for Microsoft .NET
    http://www.microsoft.com/downloads/details.aspx?familyid=018a09fd-3a74-43c5-
    8ec1-8d789091255d&displaylang=en

    and here is another blog entry which include some further get started
    resource:

    #So you want to learn WSE 3.0? A short primer on how and where to start.
    http://blogs.msdn.com/mfussell/archive/2006/05/25/607820.aspx

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    Delighting our customers is our #1 priority. We welcome your comments and
    suggestions about how we can improve the support we provide to you. Please
    feel free to let my manager know what you think of the level of service
    provided. You can send feedback directly to my manager at:
    .


    --------
    >From: "GaryDean" <>
    >References: <>

    <>
    >Subject: Re: x.509 Certificates
    >Date: Mon, 25 Aug 2008 06:44:50 -0700


    >
    >Steven:
    >The article 901183 is one of those excellent "how to" articles but, like

    all
    >the others, it is for WSE 2.0. All I can find for WSE 3.0 is MSDN docs

    and
    >a book (that I ordered). Maybe this is the time to jump into WCF. Thanks
    >for all these links.
    >
    >--
    >Regards,
    >Gary Blakely
    >"Steven Cheng [MSFT]" <> wrote in message
    >news:...
    >> Hi Gary,
    >>
    >> As for using Certificate in Webservice, I'd like to confirm the detailed
    >> problem scenario in your environment.
    >>
    >> Generally, you can use x509 certificate for authentication via using the
    >> https/ssl transport layer security. For example, you can setup the
    >> webservice in IIS to se ssl/https. And you can supply certificate in
    >> client
    >> code (if server-side require client to provide certificate). Here are

    some
    >> reference article on this:
    >>
    >>
    >> #How to call a Web service by using a client certificate for
    >> authentication
    >> in an ASP.NET Web application
    >> http://support.microsoft.com/?id=901183
    >>
    >> #Using client certificates with ASP.NET
    >> http://geekswithblogs.net/lorint/archive/2005/12/30/64516.aspx
    >>
    >> If you want to use X509 certificate to perform custom security (such as
    >> encryption or signing), ASP.NET webservice doesn't directly certificate
    >> integrity. There is an add-on component called "Web Service Enhancement"
    >> (so far the latest version is 3.0 for .net framework 2.0). You can use

    it
    >> to add certiciate and message layer securityt functionality for your
    >> Webservice:
    >>
    >> #Security Features in WSE 3.0
    >> http://msdn.microsoft.com/en-us/magazine/cc300773.aspx
    >>
    >> #Implementing Message Layer Security with X.509 Certificates in WSE 3.0
    >> http://msdn.microsoft.com/en-us/library/aa480581.aspx
    >>
    >> BTW, will WCF also be a possible option for you as Gregory suggested? So
    >> far WSE is not updating and WCF provide more support on security such as
    >> certificate.
    >>
    >>
    >> Sincerely,
    >>
    >> Steven Cheng
    >>
    >> Microsoft MSDN Online Support Lead
    >>
    >>
    >> Delighting our customers is our #1 priority. We welcome your comments and
    >> suggestions about how we can improve the support we provide to you.

    Please
    >> feel free to let my manager know what you think of the level of service
    >> provided. You can send feedback directly to my manager at:
    >> .
    >>
    >> ==================================================
    >> Get notification to my posts through email? Please refer to
    >>

    http://msdn.microsoft.com/en-us/subscriptions/aa948868.aspx#notifications.
    >>
    >> Note: The MSDN Managed Newsgroup support offering is for non-urgent

    issues
    >> where an initial response from the community or a Microsoft Support
    >> Engineer within 1 business day is acceptable. Please note that each

    follow
    >> up response may take approximately 2 business days as the support
    >> professional working with you may need further investigation to reach the
    >> most efficient resolution. The offering is not appropriate for situations
    >> that require urgent, real-time or phone-based interactions or complex
    >> project analysis and dump analysis issues. Issues of this nature are best
    >> handled working with a dedicated Microsoft Support Engineer by contacting
    >> Microsoft Customer Support Services (CSS) at
    >>

    http://support.microsoft.com/select/default.aspx?target=assistance&ln=en-us.
    >> ==================================================
    >> This posting is provided "AS IS" with no warranties, and confers no
    >> rights.
    >>
    >>
    >>
    >>
    >> --------------------
    >>>From: "GaryDean" <>
    >>>Subject: x.509 Certificates
    >>>Date: Sun, 24 Aug 2008 13:40:17 -0700

    >>
    >>>
    >>>I have to write an asp.net app that uses a web service requiring x.509
    >>>certificates. Are there any good docs on how to do this both in code and

    >> on
    >>>the server. Most of the stuff I'm finding through google is old 1.1

    docs.
    >>>I have the certificate.
    >>>
    >>>--
    >>>Regards,
    >>>Gary Blakely
    >>>
    >>>
    >>>

    >>

    >
    >
    >
     
    Steven Cheng [MSFT], Aug 26, 2008
    #5
  6. Hi Gary,

    Have you tried the examples in the WSE 3.0 sdk or do you have any further
    questions on this?

    Sincerely,

    Steven Cheng

    Microsoft MSDN Online Support Lead


    Delighting our customers is our #1 priority. We welcome your comments and
    suggestions about how we can improve the support we provide to you. Please
    feel free to let my manager know what you think of the level of service
    provided. You can send feedback directly to my manager at:
    .

    ==================================================
    Get notification to my posts through email? Please refer to
    http://msdn.microsoft.com/en-us/subscriptions/aa948868.aspx#notifications.
    This posting is provided "AS IS" with no warranties, and confers no rights.

    --------------------

    >Content-Type: text/plain
    >Content-Transfer-Encoding: 7bit
    >From: (Steven Cheng [MSFT])
    >Organization: Microsoft
    >Date: Tue, 26 Aug 2008 02:22:28 GMT
    >Subject: Re: x.509 Certificates


    >Thanks for your reply Gary,
    >
    >For WSE 3.0, most of the examples and quick start reference has been
    >included in the SDK (document and samples), you can download it and

    install
    >with full version to get them.
    >
    >#Web Services Enhancements (WSE) 3.0 for Microsoft .NET
    >http://www.microsoft.com/downloads/details.aspx?familyid=018a09fd-3a74-43c5

    -
    >8ec1-8d789091255d&displaylang=en
    >
    >and here is another blog entry which include some further get started
    >resource:
    >
    >#So you want to learn WSE 3.0? A short primer on how and where to start.
    >http://blogs.msdn.com/mfussell/archive/2006/05/25/607820.aspx
    >
    >Sincerely,
    >
    >Steven Cheng
    >
    >Microsoft MSDN Online Support Lead
    >
    >
    >Delighting our customers is our #1 priority. We welcome your comments and
    >suggestions about how we can improve the support we provide to you. Please
    >feel free to let my manager know what you think of the level of service
    >provided. You can send feedback directly to my manager at:
    >.
    >>>>>
    >>>>
    >>>>
    >>>

    >>
    >>
    >>

    >
    >
     
    Steven Cheng [MSFT], Aug 28, 2008
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. J. M.

    Generate X.509 Certificates

    J. M., Aug 1, 2003, in forum: Java
    Replies:
    4
    Views:
    4,898
    Roedy Green
    Aug 10, 2003
  2. GaryDean

    x.509 Certificates - one more time

    GaryDean, Sep 5, 2008, in forum: ASP .Net
    Replies:
    4
    Views:
    332
    Steven Cheng [MSFT]
    Sep 8, 2008
  3. Deepak

    X.509 certificates and HTTPwebrequest

    Deepak, Mar 28, 2005, in forum: ASP .Net Web Services
    Replies:
    2
    Views:
    285
    Yunus Emre ALPĂ–ZEN [MCAD.NET]
    May 6, 2005
  4. n33470

    Are SSL certificates and x.509 certificates the same?

    n33470, Dec 14, 2005, in forum: ASP .Net Web Services
    Replies:
    0
    Views:
    196
    n33470
    Dec 14, 2005
  5. Roedy Green

    Re: X.509 certificates

    Roedy Green, Nov 18, 2012, in forum: Java
    Replies:
    0
    Views:
    315
    Roedy Green
    Nov 18, 2012
Loading...

Share This Page