[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 2063
  • Last Modified:

How to configure C# NET console app to send a client cert to external web service

I am working on a C# console application that makes a call to an external web service to retrieve data. However for identification in production , I cannot send user id and password instead I have to send the client certificate which was provided to me by the external vendor (Mutual SSL Authentication).

Right now I have the console application running with simple user id and password to TEST my business logic, now I have to replace id/password with the client certificate.This is where I am stuck, I have no clue on how to proceed from here.I am currently testing it on my laptop and will eventually deploy the application on production Windows 2008 server.

Do I embed the certificate "somehow" within the C# CONSOLE application code, I am not that good with certificates. I am sorry I need STEP BY STEP instructions(with code samples is even better). PLEASE any help is appreciated as I have a deadline to meet.
0
vemi007
Asked:
vemi007
  • 4
  • 2
  • 2
  • +1
1 Solution
 
rawinnlnx9Commented:
This does a good job of explaining how to do it.

http://www.codeproject.com/KB/XML/BeginnerWebService.aspx
0
 
vemi007Author Commented:
I already build the client to consume the web service as explained above. BUT i wrote code to consume web service using id and password. I need assistance and help with using a client certificate instead of id/password in the code. Your link does not show me anything related to using client certificate within my C# code.
0
 
vemi007Author Commented:
can anyone please respond to my Q above ?
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
Jesse HouwingScrum Trainer | Microsoft MVP | ALM Ranger | ConsultantCommented:
If you're using WCF for your webservices (you really should), then it's all configurable from the .config file. See also:

How to: Use Certificate Authentication and Transport Security in WCF Calling from Windows Forms
http://msdn.microsoft.com/en-us/library/ff650785.aspx

Alternative walkthrough:
http://blogs.ugidotnet.org/cfolini/archive/2008/01/04/90561.aspx

0
 
pivarCommented:
Hi,

Attached you'll find code doing this.

The certificate is added on server with Microsoft cert tool. You can find the thumbprint (which is only one way to identify the cert) in the details dialog in the tool.

The GetCertificate method are checking the LocalMachine and CurrentUser (if needed) stores.


/peter

private X509Certificate2 GetCertificate(string thumbprint) {
		X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
		store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
		X509Certificate2Collection coll = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, true);
		X509Certificate2 x509 = coll.Count == 0 ? null : coll[0];

		if (x509 == null)	{
			store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
			store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
			coll = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, true);
			x509 = coll.Count == 0 ? null : coll[0];
		}
		return x509;
    }

    protected void CallWS() {
        WSService ws = new WS.WSWSService();
		X509Certificate2 x509 = GetCertificate(Settings.GetCertThumbMissiveWS());
		if (x509 == null) {
		// Cert not found
		  return;
		}

		ws.Credentials = CredentialCache.DefaultCredentials;
		ws.ClientCertificates.Add(x509);
		ws.Call();

Open in new window

0
 
vemi007Author Commented:
ToAoM: Thanks for the info .. looks like based on the info in your links , no programming is necessary to use the client certificate with the call, it just needs to be in "app.config".

pivar:
Your code is to add the certificate runtime and you have it programmed within the code. I do have a Q you said for the GetCertificate method I should pass the "thumbprint" as string, in your code below when you  make the call to the method you are passing the value from "Settings" (Settings.GetCertThumbMissiveWS()), so was wondering how you added the method (GetCertThumbMissiveWS()) to the settings in the project ?
0
 
Jesse HouwingScrum Trainer | Microsoft MVP | ALM Ranger | ConsultantCommented:
Yes, that is correct. You should be able to configure all from the app.config if you're using a WCF service reference.

Pivars example applies to classic style webservices, but can also be applied to WCF if wanted. In my opinion configuring it all in the app.config is desirable.
0
 
pivarCommented:
No Settings is my own config class. Which maps to a xml file.
Not the .net. Sorry for the confusion.
0
 
vemi007Author Commented:
Thanks for your assistance.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

  • 4
  • 2
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now