tags:

views:

354

answers:

2
Q: 

Sending Client Certificate in HttpWebRequest

I am trying to pass a client certificate to a server using the code below however I still revive the HTTP Error 403.7 - Forbidden: SSL client certificate is required. What are the possible reasons the HttpWebRequest would not send the client certificate? 

var clientCertificate = new X509Certificate2( @"C:\Development\TestClient.pfx", "bob" );

                    HttpWebRequest tRequest = ( HttpWebRequest )WebRequest.Create( "https://ofxtest.com/ofxr.dll" );

                    tRequest.ClientCertificates.Add( clientCertificate );
                    tRequest.PreAuthenticate = true;
                    tRequest.KeepAlive = true;
                    tRequest.Credentials = CredentialCache.DefaultCredentials;
                    tRequest.Method = "POST";
                    var encoder = new ASCIIEncoding();
                    var requestData = encoder.GetBytes( "<OFX></OFX>" );

                    tRequest.GetRequestStream().Write( requestData, 0, requestData.Length );
                    tRequest.GetRequestStream().Close();

                    ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback( CertPolicy.ValidateServerCertificate );
                    WriteResponse( tRequest.GetResponse() );
A: 

It could be the wrong cert, could be missing cert, etc.. Use Fiddler (free) as a proxy to intercept the traffic, and you'll see whether the cert is attached or not.

Chris Thornton  2010-03-20 04:26:12
I have used fiddler and I see no indication of the client cert on the initial connect request. I have this cert working in an mfc test application so it seems to be something with .net not liking something.
Aaron Fischer  2010-03-20 04:35:09
You can use SoapUI to make a sample request, and attach the .pfx to it (see Preferences | SSL, and you can attach a .pfx there). Examine that request through Fiddler, and you'll see what a good one should look like.
Chris Thornton  2010-03-20 12:36:57
A: 

Is the password correct? I'm not familiar with the .net way of doing this, but I assume "bob" is the password. Change to "rick" and see if you get an error. If so, then you're probably doing it right. If everything is the same as if you use "bob", then there may be an issue with the password.

Chris Thornton  2010-03-20 16:57:04

related questions

Entity diagrams in ASP.NET MVC
Aging Data Structure in C#
.NET 3.5 Service Pack 1 causes 404 pages on ASP.NET Web App
How do I make a custom .net client profile installer?
.NET 3.5 SP1 and aspnet_client Crystal Reports
Can I create a ListView with dynamic GroupItemCount?
N2 CMS
Conditional Linq Queries
LINQ query on a DataTable
Asynchronous Remoting calls
Using EF Entity as DTO Object
WPF: How to style or disable the default ContextMenu of a TextBox
C# 2.0 code consuming assemblies compiled with C# 3.0
Using C#/WIA version 2.0 on Vista to Scan
Has anyone run performance benchmarks comparing LINQ
Beginners Guide to LINQ
Extension interface patterns
C# 3.0 Where extension method with lambda vs LINQtoObjects to filter in memory collections.
Upgrade to ASP.NET 3.x
Where can I get the Windows Workflow "wca.exe" application?
LINQ on the .NET 2.0 Runtime
Is nAnt still supported and suitable for .net 3.5/VS2008?
How do you page a collection with LINQ?
How do I get a distinct, ordered list of names from a DataTable using Linq
How do I fill a DataSet or a DataTable from a LINQ query resultset ?