views:

464

answers:

1

Hi people,

can someone tell me please why i dont have the cert.PrivateKey (=null) after i instantiated an X509Certificate2 from an HttpClientCertificate during a web method call.. sth like this:

X509Certificate2 cert = new X509Certificate2(Context.Request.ClientCertificate.Certificate, "test");

The HttpClientCertificate has an private key when i check with the debugger, but X509Certificate2 (cert variable) not !

..furthermore i dont even get an CryptographicException when i specify an invalid password.

Can someone please clearify me?

Thanks really a lot in advance!

Kind regards, Kris

A: 

The constructor you are using (data/password) is intended to be used to get a certificate from a PKCS#12 file (PFX file). The Certificate property of ClientCertificate "Gets a string containing the binary stream of the entire certificate content, in ASN.1 format."

ClientCertificate is intended to give you the certificate used during the establishment of the SSL session with the server. I wouln't expect it to expose the private key in the way you are trying to.

Before, i tried with the proper ctor:X509Certificate2 cert = new X509Certificate2(Context.Request.ClientCertificate.Certificate)Nor here i have the privatekey in cert object after instantiating it like in the line above..I want to implement routing of soap messages inclusive the client certificates which are attached to them.. Thats why i want to read it from HttpClientCertificate and instantiate a new object X509Certificate / X509Certificate2 and add it to the new routing SoapHttpClient.. Thats my problem..
krile