Dump client certificates from SSL to file?

  • Thread starter Jonas Oholm (Sweden)
  • Start date

J

Jonas Oholm (Sweden)

Hi

I'm using the following ASP-page (taken from http://support.microsoft.com/default.aspx?scid=kb;en-us;216829) to dump client certificates from an SSL connection to a file on the webserver. It worked fine before on an IIS5 but now, using IIS6 it gives me a strange output. (see at the end of the messege)

Here's the code
<% @Language = VBScript %><% Response.Buffer = True %><html><head><title>Client Certificate Capture</title></head><body><%
'Obtain client nam
cname = Request.ClientCertificate("SubjectCN"
'Instantiate the ASP FileSystemObject in order to create a text fil
Set fs = Server.CreateObject("Scripting.FileSystemObject"
'Create text file using append mode. The client name is used to create the file name.
Set outStream = fs.OpenTextFile( "c:\inetpub\wwwroot\dump\" & cname &".txt" , 8, True
'Save certificate issuer information to text fil
outStream.WriteLine( "# Issuer: " & Request.ClientCertificate("Issuer")
'Extract certificate subject (user) and account informatio
'from certificate
su = Request.ClientCertificate( "Subject"
mx = len(su)
for x = 1 to m
if mid(su,x,1)=chr(10) or mid(su,x,1)=chr(13) the
su=left(su,x-1)+";"+right(su,mx-x)
end if
nex
outStream.WriteLine( "# Subject: " & su
outStream.WriteLine( "# Account: " & Request.ServerVariables("REMOTE_USER")
'Extract encrypted certificate text from certificate; encode text as 64-bit data
uue = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/
outStream.WriteLine( "-----BEGIN CERTIFICATE-----"
cer = Request.ClientCertificate("Certificate"
lcer = len(cer)
l = 0
for x = 1 to lcer step
a1 = asc(mid(cer,x,1))
if x+1 <= lcer the
a2 = asc(mid(cer,x+1,1))
if x+2 <=lcer the
a3 = asc(mid(cer,x+2,1))
els
a3 = 0
end if
els
a2 = 0
a3 = 0
end i
outStream.Write mid(uue, (a1 and 252)/4 +1 ,1
outStream.Write mid(uue, (a1 and 3)*16 + (a2 and 240)/16 +1 ,1
if x+1 <= lcer the
outStream.Write mid(uue, (a2 and 15)*4 + (a3 and 192)/64 +1 ,1
if x+2 <= lcer the
outStream.Write mid(uue, (a3 and 63) +1 ,1
else
outStream.Write "=
end if
else
outStream.Write "==
end if
l = l +4
if l = 64 the
outStream.WriteLine("")
l = 0
end i
next
if l > 0 then
outStream.WriteLine( ""
end if
outStream.WriteLine( "-----END CERTIFICATE-----"
Response.Write "Client certificate information has been received and logged successfully<br>
%></body></html

And here's the output
-----BEGIN CERTIFICATE----
Pz8/Pz9BP34/Pz8/Pz9hPyA/uz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz+vPz8/Pz8
Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/P7s/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8
Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz9jYQU/jT8/Pz8
Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/OT8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/BT8
Pz8/Pz8/Pz8/Pz8/Pz8/YUE/Pz8/Pz8/Pz8gPz8/Pz8/Pz8/Pz8/Pz+7Pz8/TGE
Pz8/QT8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/P2E/rz8/Pz8/Pz8/Pz8/Pz8/Pz8
Pz8/Pz8/Pz8/Pz8/Pz8/Kz8/Pz8/Pz8/Pz8/Pz8/Pys/Pz8/Pz8/Pz8/Pz8/Pz8
Pz8/Pz8/Pz8/Pz8/Pz8/Yz8FP4E/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz8
Pz8/Pz8/Pz8/Pz8/Pz8/Pz8/Pz/FPz8/Pz8/Pz8/Pz8/Pz8
-----END CERTIFICATE----

Anyone seen and solved this problem
Best regards
/Jonas
 
Ad

Advertisements


Top