I am working on a special ASP.Net application that receives files from
customers. The connection is made via HTTPS and the client sends the file
as a POST to my ASP.Net listener. All of this works fine. Now I am looking
at how to validate the clients certificate programmaticall y. The client
application sends to me with something like:
....
Dim myHttp As HttpWebRequest =
CType(WebReques t.Create(https://myserver/Receive.aspx), HttpWebRequest)
myHttp.Timeout = 300000
myHttp.KeepAliv e = True
myHttp.ContentL ength = PostData.Length
myHttp.UserAgen t = "Mozilla/4.0 (compatible; MSIE 4.01; Windows NT)"
myHttp.Method = "POST"
myHttp.AllowAut oRedirect = True
'-- Cert Stuff
Dim cert As X509Certificate =
X509Certificate .CreateFromCert File("d:\temp\c ert\ProdCert.ce r")
myHttp.ClientCe rtificates.Add( cert)
Dim tmpStream As Stream
Try
tmpStream = myHttp.GetReque stStream()
Catch ex As WebException
End Try
tmpStream.Write (PostData, 0, PostData.Length )
tmpStream.Flush ()
tmpStream.Close ()
....
This process seems to work fine, but then I perform a
Request.ClientC ertificate in my Receive.aspx nothing is there. In my
Receive.aspx page I have the following code:
Dim cert as HttpClientCerti ficate
cert = Request.ClientC ertificate
Nothing comes across or at least doesn't seem to populate the
ClientCertifica te object. If I use the above client to send data to
another system that is Java based they say the client certificate is there.
Can Java do something that .Net can't?
I hope someone can shed some light into why the client certificate is not
showing up in the ClientCertficat e object as I am really hoping to keep this
project small by staying in the same language environment.
Thanks,
Matt