470,874 Members | 1,509 Online
Bytes | Developer Community
New Post

Home Posts Topics Members FAQ

Post your question to a community of 470,874 developers. It's quick & easy.

HttpWebRequest using Certificates

Hi everybody,

my VB.NET (Framework 2.0) client application has to do a HttpWebRequest (for
reading web-pages and downloading files) on a web server. The server uses a
self-signed certifiacte and the client application should also use a
self-signed certificate (of course, signed by the same self-made CA) so we
would have an authentication of both directions: the server to the client
and the other way round.

Is there a way to programmatically load the self-signed server certificate
in my VB application? Something like:

Private _WebClient As HttpWebRequest

Private _ClientCert As X509Certificate2 = LoadCert() ' This already works

_WebClient = CType(WebRequest.Create(_Server + "site.html"), HttpWebRequest)

_WebClient.ClientCertificates.Add(_ClientCert)

' Something like this.....

_WebClient.AuthorizedCertificateAuthorities.Add("M yCA.crt")

Dim NewResponse As HttpWebResponse = CType(_WebClient.GetResponse(),
HttpWebResponse)

So far my client does not accept the server certificate since it could not
establish the trust relationship! Of course, since my client does not know
about the CA. And I don't want to have to install the certificate/CA on each
machine that I need to install the software on.

Any ideas?

Thank you very much,

Josef
Mar 3 '06 #1
2 1963
Hello,

Here is a sample may help:

HttpWebRequest httprq = (HttpWebRequest)HttpWebRequest.Create(uri);
httprq.Method = "POST";
httprq.ContentType = "text/xml; charset=utf-8";

string certificateName = "ABC";
X509Store store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
store.Open(OpenFlags.ReadOnly);
X509Certificate2Collection certificates =
store.Certificates.Find(X509FindType.FindBySubject Name, certificateName,
true);
X509Certificate certificate = certificates[0];
httprq.ClientCertificates.Add(certificate);

//Response
HttpWebResponse httprp = (HttpWebResponse)httprq.GetResponse();

Also, The server certificate's root authority must be trusted by client and
the client certificate's root authority must be trusted by the server.

Regards,
Luke Zhang
(This posting is provided "AS IS", with no warranties, and confers no
rights.)
Mar 3 '06 #2
Hi Luke,

thanks for the advice with the certificat sore. What I'm trying to do write
know is to load all certificates (client, server, ca) into the corresponding
certificate stores. But
1. I still get the ..."Could not establish trust relationship for the
SSL'/TLS secure channel" error message
2. I cannot find the certificates I just added to the differen certificate
stores wihin the IE...

Here's the code...maybe I do something wrong while adding them...

Private _ClientCert As X509Certificate2

Private _ServerCert As X509Certificate2

Private _CACert As X509Certificate2

Public Sub New(ByVal ClientCertFile As String, ByVal ServerCertFile As
String, ByVal CACertFile As String)

_ClientCert = ReadCertificate(ClientCertFile)

_ServerCert = ReadCertificate(ServerCertFile)

_CACert = ReadCertificate(CACertFile)

Dim CAstore As New X509Store(StoreName.CertificateAuthority,
StoreLocation.LocalMachine)

CAstore.Open(OpenFlags.ReadWrite)

CAstore.Add(_CACert)

CAstore.Close()

Dim ServerStore As New X509Store(StoreName.TrustedPeople,
StoreLocation.LocalMachine)

ServerStore.Open(OpenFlags.ReadWrite)

ServerStore.Add(_ServerCert)

ServerStore.Close()

Dim ClientStore As New X509Store(StoreName.My, StoreLocation.LocalMachine)

ClientStore.Open(OpenFlags.ReadWrite)

ClientStore.Add(_ClientCert)

ClientStore.Close()

Thanx,

Josef
Mar 3 '06 #3

This discussion thread is closed

Replies have been disabled for this discussion.

Similar topics

8 posts views Thread by Soeren S. Joergensen | last post: by
1 post views Thread by Deepak | last post: by
1 post views Thread by Kevin Landymore | last post: by
2 posts views Thread by Josef Brunner | last post: by
2 posts views Thread by steveS | last post: by
By using this site, you agree to our Privacy Policy and Terms of Use.