tags:

views:

533

answers:

4
Q: 

Prompt user for password when grabbing X509Certificate from X509Store?

I have a C# form (running on the client machine) which gathers all the user X509Certificates from the store, presents them to the user so they can pick the one they want to use. Then I pass the cert off to a webservice to do some work. This all works great! Problem is, the user is never prompted for the X509Certificate password? I can't find a method to "check password" once I have the X509Certificate from the store. I also thought about using the X509Certificate constructor, which needs the path and password, but I don't see a method to get the file path and name from the X509Certificate I grabbed from the store? Is it secure to just grab the certificate from the store and not ask for the user's password?

This is how I'm grabbing from the store:

X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
for (int i = 0; i < store.Certificates.Count; i++) 
{
    X509Certificate c = store.Certificates[i];
    ...//add to GUI for user to pick here....
}

Thanks for any help, Steve

A: 

If you choose to use a certificate from cryptographic device like eToken or SmartCard you will be automatically prompted to enter the password (password for the device, not certificate). In other cases I don't think you should care about it. You can easily access the local store without any passwords in Windows, so why would you pass-protect them in the app.

RaYell  2009-07-31 12:28:11
Thanks for the reply.That's why I want to ask for the password - I want to ensure the person using the cert is actually the cert owner.
 2009-07-31 12:31:21
A: 

it depends wether the certificate's private key is protected by a password or not. If you accecss such a certificate from the store, windows should prompt you to enter it.

Johannes Rudolph  2009-07-31 12:43:04
Yes, that's exactly what I was thinking...the cert is password protected, yet I don't get the prompt. I am testing against my own cert, which when I use it in other web applications, I DO get the prompt? I also get it in Outlook when digitally signing messages?
 2009-07-31 12:56:33
Perhaps I need to access something in the cert before it prompts me?Currently all I grab is the SubjectName from the cert and pass it to the webservice to authenticate.
 2009-07-31 13:04:06
A: 

That was it...thanks for the help, you guys helped me narrow down the problem. I added a line in there to access the privatekey from the cert and it then prompted me for the password.

Thanks! Steve

 2009-07-31 13:07:22
A: 

Hi! I´m dealin wth the same problem... my program open a certificate, and I need to pass it the password to get the private key to do my signing....or am I wrong?

 2010-07-30 15:23:42

related questions

Displaying Flash content in a C# WinForms application
How to get the value of built, encoded ViewState?
Unhandled Exception Handler in .NET 1.1
How do I connect to a database and loop over a recordset in C#?
How do I most elegantly express left join with aggregate SQL as LINQ query
Get a new object instance from a Type in C#
.NET Testing Framework Advice
Automatically update version number
What is the difference between an int and an Integer in Java/C#?
How to write to Web.Config in Medium Trust ?
WinForms ComboBox data binding gotcha
How do you sort a C# dictionary by value?
Adding Scripting functionality to .NET applications
Floating Point Number parsing: Is there a Catch All algorithm?
How do I print an HTML document from a web service?
Decoding T-SQL CAST in C#/VB.net
Anatomy of a "Memory Leak"
How do I get a distinct, ordered list of names from a DataTable using Linq
Reliable Timer in a Console Application
How do I fill a DataSet or a DataTable from a LINQ query resultset ?
What's the difference between Math.Floor() and Math.Truncate() in .NET?
How do I calculate relative time?
How do I calculate someone's age in C#?
Are there any conversion tools for porting Visual J# code to C#?
When setting a form's opacity should I use a decimal or double?