471,571 Members | 3,811 Online
Bytes | Software Development & Data Engineering Community
Post +

Home Posts Topics Members FAQ

Join Bytes to post your question to a community of 471,571 software developers and data experts.

HttpClientCertificate not available in webservice


We have developed a webservice that was accessed by a fat windows client. A
security requirement was that the client authenticates itself by using by
providing a client certificate. The webserver (iis) made then sure that only
clients providing a valid certificate could connect. (settings: Requeire
secure channel, Require client certificates). This worked fine.

Due to a request by our client, we are forced to integrate the webservice in
another website where iis does not requeire a client certificate. I thought
about moving this security check to the application by checking the
HttpContext.Current.Request.ClientCertificate property. Unfortunately, this
does not work as i wish. When i debug, the ClientSertificate.IsPresent
property is always set to false. How is this possible, our client does send
a certificate.

Some more information about our settings:

- in iis we use security settings are set to accept client certificates!
- the certificates we use are invalid !!! Is it possible that iis blocks
this certificates so the webserver does not see them?

I am grateful for any help. Thanks in advance

--------------------------------------- Client code connection to webservice
and adding certificate to
est ------------------------------------------

private void InitWebService(string URL) {

webService = new Service();

webService.Url = URL;

cookies = new System.Net.CookieContainer();

webService.CookieContainer = cookies; // now Session are no longer lost

// create an X509Certificate object from the information

// in the certificate export file and add it to the

// ClientCertificates collection of the Web service proxy

ResourceManager resourceManager = new
ResourceManager("SmartClient.Certificate.ClientCer tificate",

object o = resourceManager.GetObject("prime_user_cert_29jun20 06"); //
certificate testcertificate would be clientcert

Byte[] bytesOfCertificate = null;

if (o is System.Byte[]) {

bytesOfCertificate = (System.Byte[])o;


X509Certificate cert = new X509Certificate(bytesOfCertificate);



------------------------------------------------- Server
code ---------------------------------------------------

internal bool ValidateClient(){

HttpClientCertificate certificate =

if(certificate == null || !certificate.IsPresent ){

return false;


return certificate.IsValid;



Mar 13 '07 #1
0 1930

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

13 posts views Thread by Edje.Rommel | last post: by
2 posts views Thread by ko | last post: by
7 posts views Thread by Amirallia | last post: by
4 posts views Thread by =?Utf-8?B?ZmFpcnl2b2ljZQ==?= | last post: by
2 posts views Thread by Mike Endys | last post: by
reply views Thread by XIAOLAOHU | last post: by
reply views Thread by leo001 | last post: by
reply views Thread by lumer26 | last post: by
reply views Thread by lumer26 | last post: by

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.