httpWebRequest not sending client Certificate

G

Guest

my asp.net app is posting to another webpage using httpwebRequest &
x509Certificates and in return the certificate's name used for the posting is
sent back. But instead of getting information about the cert returned I'd get
no information message.

I know my certificate is valid because when I manually type the address my
app is posting to in IE it would return the client certificate's name used in
my users personal store.

So basically, HttpwebRequest is not sending the client certificate.

I have the cert installed in local_machine\personal store in CA in the
trusted root authority.

I'm also using window server 2003

code that POSTs:

void SendTestXML2(object sender, System.EventArgs e)
{
string XMLRequest = "";
System.Net.ServicePointManager.CertificatePolicy = new MyPolicy();
try

{

string loginUrl =
"https://aestheticpc.com/qbConn/CertCheck/CertCheckaspx.aspx"; XMLRequest =
buildXML();
X509Certificate cert =
X509Certificate.CreateFromCertFile("ClientCertDER2.cer");
HttpWebRequest wr = (HttpWebRequest) WebRequest.Create(loginUrl);
wr.ClientCertificates.Add(cert);
wr.Method = "POST";
wr.KeepAlive = false;
wr.ContentType = "application/x-qbxml";
wr.ContentLength = XMLRequest.Length;

// send xml data
StreamWriter SendStream;
SendStream = new StreamWriter(wr.GetRequestStream());

SendStream.Write(XMLRequest);
SendStream.Flush();
SendStream.Close();
HttpWebResponse WebResp = (HttpWebResponse) wr.GetResponse();
string res = "";


using (StreamReader sr = new
StreamReader(WebResp.GetResponseStream()) )
{

res = sr.ReadToEnd();

sr.Close();

}

Output.Text = res.ToString();
Output.Text += cert.GetName();
WebResp.Close();

}

catch(Exception err)

{

Response.Write(err.ToString() + "<br>");
Response.Write(XMLRequest.ToString());

}





}

code that Responds:

Sub Page_Load(ByVal sender As System.Object, ByVal e As System.EventArgs)

Dim cs As HttpClientCertificate = Request.ClientCertificate
If cs.IsPresent Then
'Get the Organization (O) field from the Subject section.
Response.Write("Cert subject: " & cs.Get("Subject O"))
Else
Response.Write("No certificate was found.")
End If


End Sub
 
J

Jens Christian Mikkelsen

Marvin said:
my asp.net app is posting to another webpage using httpwebRequest &
x509Certificates and in return the certificate's name used for the posting is
sent back. But instead of getting information about the cert returned I'd get
no information message.

This is an ancient ASP.NET bug:

FIX: ASP.NET Web application cannot deliver a client certificate to a secure
Web site
http://support.microsoft.com/?kbid=817854

Unfortunately this involves getting your hands on the ASP.NET 1.1 June 2003
(Yes, 2003 Virginia!!!) Hotfix Rollup Package:

http://support.microsoft.com/default.aspx?kbid=821156

As there is no servicepack for 1.1, you will need to get this hotfix from
Microsoft Product Support Services. It cannot be downloaded from
microsoft.com. Alternatively you could wait for 2.0. :)

For Windows 2003, note that you should install the OCM hotfix package
*INSTEAD OF* the Windows Installer package.

Jens
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Members online

No members online now.

Forum statistics

Threads
473,744
Messages
2,569,482
Members
44,901
Latest member
Noble71S45

Latest Threads

Top