C# - .NET Mutual SSL handshake 'Client Authentication'
I have been working on this problem for the last couple of days and am not able to get anywhere.

The scenario is that an iOS app in the field will call a REST service (.NET). The REST service will call an Apache web service using a mutual SSL handshake. Whatever data I receive, I have to pass that data back to the iOS devices in the field.

The issue is the 2nd part of the communication, between the REST service and the Apache web service.

The client certificates have been signed using the key usages of client authentication, digital certificate, key encipherment. The root signers of the certificate have been placed on the Apache server. If I try using a web browser, I can perform the handshake without issues.

Sample code I am using to perform authentication using SslStream. Using this method I get an error stating "The message received was unexpected or badly formatted", and the guys who manage the Apache web server say they can see the request coming in, but according to them they are not receiving a certificate with this.

    var certificate = @"certificate.cer";
    var hostaddress = "hostaddress";
    var certificates = new X509Certificate2Collection(new X509Certificate2(certificate));
    RunClient(hostaddress, 1316, certificates);

    static void RunClient(string hostName, int port, X509Certificate2Collection certificates)
    {
        TcpClient client = new TcpClient(hostName, port);
        // ValidateServerCertificate is the server-certificate validation callback (not shown).
        SslStream sslStream = new SslStream(client.GetStream(), false, ValidateServerCertificate);
        try
        {
            sslStream.AuthenticateAsClient(hostName, certificates, SslProtocols.Ssl3, true);
            Write("authenticated.");
        }
        catch (AuthenticationException ex)
        {
            Write("inner: " + ex.InnerException.Message);
        }
        catch (Exception ex)
        {
            Write(ex.Message);
        }
    }

Sample code I am using to perform authentication using HttpWebRequest. Using this method gives me the following issue: "The request was aborted: Could not create SSL/TLS secure channel."

    var certificate = @"certificate.cer";
    var hostaddress = "hostaddress";
    var certificates = new X509Certificate2Collection(new X509Certificate2(certificate));

    public static T Post<T>(string url, string body, X509Certificate2 cert)
    {
        var webRequest = FbJsonRequestService.CreateRequest(url, cert, WebRequestMethods.Http.Post, body);
        using (var webResponse = webRequest.GetResponse())
        {
            return CreateResponse<T>(webResponse);
        }
    }

    // Body of CreateRequest (its signature is not shown in the post):
    var webRequest = (HttpWebRequest) WebRequest.Create(url);
    webRequest.ClientCertificates.Add(cert);
    //webRequest.AuthenticationLevel = AuthenticationLevel.MutualAuthRequested;
    webRequest.Credentials = CredentialCache.DefaultNetworkCredentials;
    webRequest.Method = method;
    webRequest.ContentType = "application/json; charset=utf-8";
    if (body != null)
    {
        using (var streamWriter = new StreamWriter(webRequest.GetRequestStream()))
        {
            streamWriter.Write(body);
        }
    }
    return webRequest;

I hope this makes sense. I want to know if whatever I am doing is right or if I am doing it wrong.

I think the content of the file certificate.cer is incorrect. The extension .cer, in my opinion, contains only the certificate, not the private key.

You have to use certificate.p12 or certificate.pfx, which contains the private key. These extensions represent the PKCS#12 standard. There can also be the whole certificate chain included in these files.

You can load the p12 file using a different constructor of the X509Certificate2 class. Please look at this documentation.
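
The answer's point about .cer versus .p12/.pfx, as an added example that is not code from the question or the answer: it builds a throwaway self-signed certificate in memory, reloads it once as public-only DER (what a .cer holds) and once as PKCS#12, and reports which of the two can be used for client authentication. The names `ClientCertCheck`, `WhyUnusable` and `Connect`, the password "pw" and the use of TLS 1.2 are assumptions made for the example.

```csharp
using System;
using System.Linq;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;

static class ClientCertCheck
{
    const string ClientAuthOid = "1.3.6.1.5.5.7.3.2"; // id-kp-clientAuth

    // Returns null when the certificate is usable for TLS client authentication,
    // otherwise the reason it cannot prove possession of the key or is restricted.
    public static string WhyUnusable(X509Certificate2 cert)
    {
        if (!cert.HasPrivateKey)
            return "no private key (public-only file such as .cer)";
        var eku = cert.Extensions.OfType<X509EnhancedKeyUsageExtension>().FirstOrDefault();
        if (eku != null && !eku.EnhancedKeyUsages.Cast<Oid>().Any(o => o.Value == ClientAuthOid))
            return "EKU present but lacks Client Authentication";
        return null;
    }

    // Hypothetical helper: handshake using a PKCS#12 client certificate.
    public static void Connect(string host, int port, string pfxPath, string pfxPassword)
    {
        var cert = new X509Certificate2(pfxPath, pfxPassword);
        var reason = WhyUnusable(cert);
        if (reason != null) throw new InvalidOperationException(reason);
        using (var tcp = new TcpClient(host, port))
        using (var ssl = new SslStream(tcp.GetStream(), false))
            // Assumption: the server accepts TLS 1.2.
            ssl.AuthenticateAsClient(host, new X509Certificate2Collection(cert), SslProtocols.Tls12, true);
    }

    static void Main()
    {
        // Constructed sample: self-signed certificate generated in memory, valid for one day.
        using (var rsa = RSA.Create(2048))
        {
            var req = new CertificateRequest("CN=constructed-client", rsa, HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
            req.CertificateExtensions.Add(new X509EnhancedKeyUsageExtension(new OidCollection { new Oid(ClientAuthOid) }, false));
            var full = req.CreateSelfSigned(DateTimeOffset.UtcNow, DateTimeOffset.UtcNow.AddDays(1));
            var cerOnly = new X509Certificate2(full.Export(X509ContentType.Cert));        // what a .cer holds
            var pfx = new X509Certificate2(full.Export(X509ContentType.Pfx, "pw"), "pw"); // what a .pfx/.p12 holds
            Console.WriteLine(".cer: " + (WhyUnusable(cerOnly) ?? "ok"));
            Console.WriteLine(".pfx: " + (WhyUnusable(pfx) ?? "ok"));
        }
    }
}
```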