none
Client Certificate is always null on server side RRS feed

  • Question

  • I read a lot posts about how to send client certificate and did all of them but It is null on server side .

    I wrote this code on page mytest.aspx.cs
        
         protected void Page_Load(object sender, EventArgs e)
           {
            string host = @"http://localhost:57855/Temp/index.aspx";
            string certName = @"C:\cert.pfx";
            string password = @"123456";

            try
            {

                X509Certificate2Collection certificates = new 
                X509Certificate2Collection();

                certificates.Import(certName, password, 
                X509KeyStorageFlags.MachineKeySet | 
                X509KeyStorageFlags.PersistKeySet);

                ServicePointManager.ServerCertificateValidationCallback = (a, b, c, d) => true;

                HttpWebRequest req = (HttpWebRequest)WebRequest.Create(host);
                req.AllowAutoRedirect = true;
                req.ClientCertificates = certificates;

                req.Method = "POST";
                req.ContentType = "application/x-www-form-urlencoded";
                string postData = "login-form-type=cert";
                byte[] postBytes = Encoding.UTF8.GetBytes(postData);
                req.ContentLength = postBytes.Length;

                Stream postStream = req.GetRequestStream();
                postStream.Write(postBytes, 0, postBytes.Length);
                postStream.Flush();
                postStream.Close();
                WebResponse resp = req.GetResponse();

                Stream stream = resp.GetResponseStream();
                using (StreamReader reader = new StreamReader(stream))
                {
                    string line = reader.ReadLine();
                    while (line != null)
                    {
                        Console.WriteLine(line);
                        line = reader.ReadLine();
                    }
                }

                stream.Close();
            }
            catch (Exception ex)
            {
                //Console.WriteLine(e);
            }
        }


      and in index.aspx page I wrote this code

            protected void Page_Load(object sender, EventArgs e)
        {
            bool b = false;
            if (HttpContext.Current.Request.ClientCertificate.IsPresent)
                b = true;//b is always  null

        }

      also I'm using IIs express . in applicationhost file in C:\Users\Administrator\Documents\IISExpress\config  I change two part 

         <security>

               <access sslFlags="SslNegotiateCert" />
              ....
              <authentication>
                 <clientCertificateMappingAuthentication enabled="true" />

                 <iisClientCertificateMappingAuthentication  enabled="true">
                 </iisClientCertificateMappingAuthentication>
                 .........
               </security>

    I installed cert.pfx in mmc=>Certificates/personal/certificates and 
    mmc=>certificates (current User)/personal/certificates

    but always in index page b is false.

    Also i shoud say cert.pfx is not a ssl certificate. It is a digital sign certificate and it has client authentication in cert's enhanskeyusage field


    Thursday, October 5, 2017 8:09 AM

Answers