By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
455,170 Members | 1,360 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 455,170 IT Pros & Developers. It's quick & easy.

Expert assistance needed with Xo9 interoperability with IBM integration server via HTTP POst.(Urgent)

P: n/a

Hello,

I was given the task to build a .Net client that will talk to IBM
integration server via HTTP post.
The idea is that each http packet exchange should be authenticated via X09
"client authentication and not "server authentification"
The code i wrote is quite straight forward. (See listing below)

With server authentication, the server's application will contain a
certificate created specifically for that server. The client application
will contain a list of CA's. When the client application requests an SSL
connection to that server, the server will send its certificate to the PC.
The client application will then check its list of CA's for one that trusts
the server certificate. If it finds one, the SSL server authenticated
connection is established. If not, the SSL connection will fail. Most
SSL-enabled client software (e.g., Express client, Microsoft Internet
Explorer, and Netscape Navigator) is shipped with a built-in list of
well-known CA's such as Verisign and Thawte. Therefore, if a server
certificate was created and purchased from Verisign, most client software
will be able to use the SSL server authentication out-of-the-box without
further SSL configuration.

Client authentication is the second method in which SSL uses the trust
relationship. Client authentication is optional and server applications can
be programmed to choose whether it is necessary to require it. With client
authentication, the client will contain a certificate created specifically
for that client. The server application will contain a list of CA's. When
the client application requests an SSL connection to that server, the server
will send its certificate to the PC and an indication that the PC must send
its client certificate to the server. The client application will then check
its list of CAs for one that trusts the server certificate. If it finds one,
the client will send its certificate to the server. Then, the server
application will check its list of CAs for one that trusts the client
certificate. If it finds one and both sides determine that each other's
certificate is trustworthy, the SSL client-authenticated connection is
established. If not, the SSL connection will fail.
public void Post_Message())

{

X509Certificate2 Certificate = null;

// StoreName.CertificateAuthority
X509Store store = new X509Store(StoreName.AddressBook,
StoreLocation.CurrentUser);

store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);

try

{
X509Certificate2Collection collection =
(X509Certificate2Collection)store.Certificates;

X509Certificate2Collection fcollection =
(X509Certificate2Collection)collection.Find(X509Fi ndType.FindByTimeValid,
DateTime.Now, false);

if (fcollection.Count == 0)

throw new Exception("Unable to find certificate!");

else

{

Certificate = fcollection[0];

// Certificate.

HttpWebRequest req =
(HttpWebRequest)HttpWebRequest.Create(Configuratio nManager.AppSettings["URI"]);

req.ClientCertificates.Add(Certificate);

// req.Proxy = new
System.Net.WebProxy(ConfigurationManager.AppSettin gs["ProxyString"], true);

req.ContentType = "application/x-www-form-urlencoded";

req.Method = "POST";

byte[] bytes = System.Text.Encoding.ASCII.GetBytes(message);

req.ContentLength = bytes.Length;

System.Net.WebResponse resp = req.GetResponse();

// if (req == null) return null;

System.IO.StreamReader sr = new
System.IO.StreamReader(resp.GetResponseStream());

// return ;

Save_Irw_Response(Utility.ConvertMessagetoUTF8(sr. ReadToEnd().Trim()));

}

}

catch(Exception except)

{

Console.Write(except.Message);

}

finally

{

store.Close();

}

Well i'm asking for expert advices as the IBM people dont have any
experience with dotnet intereop on this matter and before i lunch my test,

i would like to have experts support weather i'm on the right way or weather
i have gone totally mad ;))

many thanks in advance

JJ
Apr 2 '06 #1
Share this Question
Share on Google+
4 Replies


P: n/a
More exactly i need to talk to webMethods Integration Server using http
post and "SSL client authentication".

Apr 3 '06 #2

P: n/a
You need to set up certificates for SSL and use https. You can put a
command to
invoke a flow in the IS in your html message. Are you using xml?
jens Jensen wrote:
More exactly i need to talk to webMethods Integration Server using http
post and "SSL client authentication".


Apr 3 '06 #3

P: n/a
You need to set up certificates for SSL and use https. You can put a
command to
invoke a flow in the IS in your html message. Are you using xml?
jens Jensen wrote:
More exactly i need to talk to webMethods Integration Server using http
post and "SSL client authentication".


Apr 3 '06 #4

P: n/a
I'm the client here. I need to send xml packed to an "Webmethods integration
server". It requires me to provide a client certificate to authenticate
myself. I have to send them my CA genrated cert and talk to them vi http
POST.

No soap required.

This is what i'm asking advice on. So the communication will be https but
not the server authentication that we know for browser to server.

each part here need to authenticate via x509 certs exchange as part of the
handshake.
This is the requirement.
Apr 3 '06 #5

This discussion thread is closed

Replies have been disabled for this discussion.