SOAP over SSL with Certificate
-
Hi, all! I have struggled too many hours now to find out how to connect to a remote web service using w2k .Net soap over ssl. I have received a certificate file from the publisher, xxx.pem which I divided in two, one xxx.crt (certificate) and one xxx.key (rsa private key). Both base64-encoded. I have also received a passphrase for the private key. But I just can't figure out how to put all this together, and successfully manage to make a request from my C#-app. How, for example, to include the private key with passphrase in the request??? I would be sooo happy for some answers... :-) Regards Christer
-
Hi, all! I have struggled too many hours now to find out how to connect to a remote web service using w2k .Net soap over ssl. I have received a certificate file from the publisher, xxx.pem which I divided in two, one xxx.crt (certificate) and one xxx.key (rsa private key). Both base64-encoded. I have also received a passphrase for the private key. But I just can't figure out how to put all this together, and successfully manage to make a request from my C#-app. How, for example, to include the private key with passphrase in the request??? I would be sooo happy for some answers... :-) Regards Christer
This... is a long road with many a winding turn... took me quite some time to get everything working correctly. You fail to specify whether your C#-app is an ASP.NET web service client or a console/winforms web service client. I'll presume it's the latter as that's remarkably easier. At either length it's easiest to use Microsoft WSE 1.0 enhancements[^] to fetch the certificate from the certificate store. By default it is presumed that your client certificate is in the personal store of the current user (e.g. the one that is executing the application). If this is ASP.NET then as the user doesn't have a login profile the user doesn't have a personal store folder either and you need to carefully import the certificate to the personal store of the local machine. The following code will get the private certificate from the depths of the certificate store:
byte[] certhash = { 50, 49, 239, 183, 249, 60, 36, 134, 129, 159, 39, 226, 197, 70, 76, 1, 147, 237, 43, 217 }; X509CertificateStore store = X509CertificateStore.CurrentUserStore(X509CertificateStore.MyStore); store.Open(); X509CertificateCollection certs = store.FindCertificateByHash(certhash); store.Close(); X509Certificate cert = certs[0];
There are other ways to find a certificate than by using its hash value, but you can refer to the WSE 1.0 documentation for these. Now, to add the certificate to the service call let's presume your web service object is Service1 then you add it fairly simply using:Service1.ClientCertificates.Add(cert);
It doesn't seem so daunting when you look at it like this, but it can take a lot of time to figure out given the.... usefulness.... of most code examples around. I think that's all it takes, good luck fighting the certificate mmc snap-in. :) Hope this helps. -- Henrik Stuart (http://www.unprompted.com/hstuart/[^])