views:

228

answers:

2

I'm using HttpWebRequest to pull a page from an arbitrary HTTPS URL. In addition to the actual page result, I want to get an X509Certificate2 instance for the remote server I just talked to. I'm sure the public certificate is on the computer somewhere because its chain had to be validated as part of the request. How can I get access to it?

Also, how can I make sure that the ciphersuite used in the SSL channel isn't simply the null ciphersuite? I need to make sure that decent encryption is actually occurring.

A: 

Oh! (duh)

HttpWebRequest.ServicePoint.Certificate

But this doesn't answer the ciphersuite part of the question, so that's still open if anyone can answer it. :)

Andrew Arnott
A: 

See here: http://blog.jameshiggs.com/2008/05/01/c-how-to-accept-an-invalid-ssl-certificate-programmatically/

Spencer Ruport
Thanks, but I'm not wanting to accept an invalid SSL certificate. I just want a copy of the X509Certificate2 instance that was retrieved. In fact it MUST be valid in my scenario.
Andrew Arnott
So, you read the article and didn't see how to accomplish what you were asking? My bad, I assumed you knew what you were doing.
Spencer Ruport
Dude, thanks for taking the time to try to answer my question, but it really had nothing to do with controlling the certificate validation process, which is what the article you linked to discussed. I just wanted the certificate. You can see the answer I posted myself is just a single property access. Much simpler than the article's process of cert validation.
Andrew Arnott