Solved

How to use .net 1.1 HttpWebRequest class to post the data to a secured server (https)?

Posted on 2008-10-13
3
371 Views
Last Modified: 2013-12-17
Following code I am using to post data to an external server. The url is like "http://www.microsoft.com".
How can I post to a secured server (https) like  "https://www.microsoft.com" and how to test?
       
     public static string sendWebRequest(string URL, string Query)
            {
                  try
                  {
                        HttpWebRequest httpRequest = (HttpWebRequest)WebRequest.Create(URL);
                        httpRequest.Method = "POST";
                        httpRequest.ContentLength = Query.Length;
           
                        System.Net.ServicePointManager.CertificatePolicy = new TrustAllCertificatePolicy();

                        httpRequest.ContentType = "application/x-www-form-urlencoded";
                 
                        Stream httpRequestStream = httpRequest.GetRequestStream();
                        byte[] b = System.Text.Encoding.ASCII.GetBytes(Query);
                        httpRequestStream.Write(b, 0, b.Length);
                        httpRequestStream.Close();

                        Stream streamResponse = httpRequest.GetResponse().GetResponseStream();
                 
                        StreamReader      streamReader = new StreamReader(streamResponse);
                        string strResponse = streamReader.ReadToEnd();
                        streamReader.Close();
                        return strResponse;
                  }
                  catch (System.Net.WebException e)
                  {
                        throw e;
                  }
            }
0
Comment
Question by:rsrajendran69
  • 2
3 Comments
 
LVL 4

Expert Comment

by:novynov
ID: 22707565
I may be misundertanding your question or missing something, but I don't believe there is any difference. You should be able to use HttpWebRequest against an https url with no problems and no additional coding (i.e. no need to mess with certificates, etc. - it just works).

One problem I have seen mention of regarded using HttpWebRequest from within an ASP.NET application. I believe the root of the problem had to do with the account that IIS was running under - and not having access to the key store in order to authenticate the server credentials during the SSL handshake.

Have you tried just using HttpWebRequest as is? Did you run into a problem? If so, what?

I hope this helps.
0
 

Author Comment

by:rsrajendran69
ID: 22708483
Thank you very much for your reply, I did go thru microsoft documentation saying that HttpWebRequest will work on 'https url' without any change. I have not tried yet.

My question was, how to test https URL, just change the url from http-->https and try or is there any certificates needs to be installed on the web server to test 'https' url?. I am not really very sure how the 'https' works. Any URL can be changed to https ?
please clarrify.  Excuse me if asked stupid question.
0
 
LVL 4

Accepted Solution

by:
novynov earned 250 total points
ID: 22710360
OK...now I understand more....and it isn't a stupid question. For you to use SSL on your webserver, yes you need a server certificate installed.

Assuming you are using IIS, this is a matter of generating a certificate request, getting it signed, installing the certificate, and then setting up IIS to use/require SSL in the apps/virtual directories of your choice.

Configuring IIS to do the above is fairly straightforward, though I believe there may be some slight differences in the specfic steps between IIS 6.0 and 7.0. A quick Google will give you some specific walkthroughs.

The biggest rock sometimes can be getting your certificate. A production ready certificate costs money and requires that you know the domain that you are going to be using - certs are issued on a per domain basis.

What many developers do is obtain a "self signed" certificate. There are a number of ways of doing this, including setting up your own certificate authority server, using the SelfSSL tool included in the IIS 6.0 resource kit or using tools like openssl (http://www.openssl.org/related/binaries.html). A Google search of "self signed ssl" should point you at a number of options.

Once you have your test certificate installed, you may also need to install a certificate on the client machine you'll be testing on. This certificate is normally that of the signer of your server certificate (i.e. the Certificate Authority). Doing this instructs your browser to trust all certificates that have been signed by the particular CA. If you don't do this step, many browsers will complain that the server's certificate may not be trustworthy. In many cases, you can still use the website - but you'll just have to deal with the annoying browser complaints.

I hope this helps. Here are some links to some reading that may help you as you ramp up in this area:

How the SSL handshake works: http://support.microsoft.com/kb/257591
How SSL works: https://www.securetrust.com/resources/how-ssl-works
Overview of public/private keys and server certs: http://www.nusphere.com/products/library/ssl.htm
Creating an SSL cert request in IIS 6.0: http://www.ravand.com/ssliis6.cfm
How SSL works from Verisign, a company that sells certs: http://www.verisign.com/ssl/ssl-information-center/how-ssl-security-works/
IIS 6.0 resource kit tools: http://www.microsoft.com/downloads/details.aspx?FamilyID=56fc92ee-a71a-4c73-b628-ade629c89499&DisplayLang=en

Let me know if I can be of more assistance.
0

Featured Post

3 Use Cases for Connected Systems

Our Dev teams are like yours. They’re continually cranking out code for new features/bugs fixes, testing, deploying, testing some more, responding to production monitoring events and more. It’s complex. So, we thought you’d like to see what’s working for us.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Get id from json Data with NewtonSoft 3 49
Angular JS Route 3 68
Visual Studio 2013 and Eclipse Neon 6 34
start a process from a service 3 21
Flash (http://en.wikipedia.org/wiki/Adobe_Flash) has evolved over the years to where it has become a masterful tool for displaying content screen.  It has excellent layout placement, UI precision as well as rendering capabilities. This, along with t…
This document covers how to connect to SQL Server and browse its contents.  It is meant for those new to Visual Studio and/or working with Microsoft SQL Server.  It is not a guide to building SQL Server database connections in your code.  This is mo…
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…
This video shows how to use Hyena, from SystemTools Software, to bulk import 100 user accounts from an external text file. View in 1080p for best video quality.

785 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question