Solved

How to configure C# NET console app to send  a client cert to external web service

Posted on 2011-02-25
10
1,479 Views
Last Modified: 2012-08-14
I am working on a C# console application that makes a call to an external web service to retrieve data. However for identification in production , I cannot send user id and password instead I have to send the client certificate which was provided to me by the external vendor (Mutual SSL Authentication).

Right now I have the console application running with simple user id and password to TEST my business logic, now I have to replace id/password with the client certificate.This is where I am stuck, I have no clue on how to proceed from here.I am currently testing it on my laptop and will eventually deploy the application on production Windows 2008 server.

Do I embed the certificate "somehow" within the C# CONSOLE application code, I am not that good with certificates. I am sorry I need STEP BY STEP instructions(with code samples is even better). PLEASE any help is appreciated as I have a deadline to meet.
0
Comment
Question by:vemi007
  • 4
  • 2
  • 2
  • +1
10 Comments
 
LVL 9

Expert Comment

by:rawinnlnx9
ID: 34984931
This does a good job of explaining how to do it.

http://www.codeproject.com/KB/XML/BeginnerWebService.aspx
0
 

Author Comment

by:vemi007
ID: 34985032
I already build the client to consume the web service as explained above. BUT i wrote code to consume web service using id and password. I need assistance and help with using a client certificate instead of id/password in the code. Your link does not show me anything related to using client certificate within my C# code.
0
 

Author Comment

by:vemi007
ID: 35002704
can anyone please respond to my Q above ?
0
Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
LVL 17

Accepted Solution

by:
Jesse Houwing earned 400 total points
ID: 35006606
If you're using WCF for your webservices (you really should), then it's all configurable from the .config file. See also:

How to: Use Certificate Authentication and Transport Security in WCF Calling from Windows Forms
http://msdn.microsoft.com/en-us/library/ff650785.aspx

Alternative walkthrough:
http://blogs.ugidotnet.org/cfolini/archive/2008/01/04/90561.aspx

0
 
LVL 22

Expert Comment

by:pivar
ID: 35006627
Hi,

Attached you'll find code doing this.

The certificate is added on server with Microsoft cert tool. You can find the thumbprint (which is only one way to identify the cert) in the details dialog in the tool.

The GetCertificate method are checking the LocalMachine and CurrentUser (if needed) stores.


/peter

private X509Certificate2 GetCertificate(string thumbprint) {
		X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
		store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
		X509Certificate2Collection coll = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, true);
		X509Certificate2 x509 = coll.Count == 0 ? null : coll[0];

		if (x509 == null)	{
			store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
			store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
			coll = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, true);
			x509 = coll.Count == 0 ? null : coll[0];
		}
		return x509;
    }

    protected void CallWS() {
        WSService ws = new WS.WSWSService();
		X509Certificate2 x509 = GetCertificate(Settings.GetCertThumbMissiveWS());
		if (x509 == null) {
		// Cert not found
		  return;
		}

		ws.Credentials = CredentialCache.DefaultCredentials;
		ws.ClientCertificates.Add(x509);
		ws.Call();

Open in new window

0
 

Author Comment

by:vemi007
ID: 35010483
ToAoM: Thanks for the info .. looks like based on the info in your links , no programming is necessary to use the client certificate with the call, it just needs to be in "app.config".

pivar:
Your code is to add the certificate runtime and you have it programmed within the code. I do have a Q you said for the GetCertificate method I should pass the "thumbprint" as string, in your code below when you  make the call to the method you are passing the value from "Settings" (Settings.GetCertThumbMissiveWS()), so was wondering how you added the method (GetCertThumbMissiveWS()) to the settings in the project ?
0
 
LVL 17

Expert Comment

by:Jesse Houwing
ID: 35010599
Yes, that is correct. You should be able to configure all from the app.config if you're using a WCF service reference.

Pivars example applies to classic style webservices, but can also be applied to WCF if wanted. In my opinion configuring it all in the app.config is desirable.
0
 
LVL 22

Expert Comment

by:pivar
ID: 35010940
No Settings is my own config class. Which maps to a xml file.
Not the .net. Sorry for the confusion.
0
 

Author Closing Comment

by:vemi007
ID: 35011921
Thanks for your assistance.
0

Featured Post

Announcing the Most Valuable Experts of 2016

MVEs are more concerned with the satisfaction of those they help than with the considerable points they can earn. They are the types of people you feel privileged to call colleagues. Join us in honoring this amazing group of Experts.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
HttpPostedFile 1 30
ASP.NET(C#) Eliminating weekends from a date range 2 46
Release Dynamically Allocated Memory in C# 3 38
SSL CSR question 2 8
SSL stands for “Secure Sockets Layer” and an SSL certificate is a critical component to keeping your website safe, secured, and compliant. Any ecommerce website must have an SSL certificate to ensure the safe handling of sensitive information like…
Since pre-biblical times, humans have sought ways to keep secrets, and share the secrets selectively.  This article explores the ways PHP can be used to hide and encrypt information.
This video shows how to quickly and easily add an email signature for all users on Exchange 2016. The resulting signature is applied on a server level by Exchange Online. The email signature template has been downloaded from: www.mail-signatures…

820 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question