Accesssing webservice with client certificate

Hi Guys,

I am trying to access a webservice that requires client certificate for authentication. The client has sent us the certificate(.p12) along with the password, and I have installed the certificate under my local machine store as explained in the following article.

http://support.microsoft.com/kb/901183.

 

Using WSE2.0 I am also able to pull the certificate using the following code:

// WSE 2.0 method
  X509CertificateStore store =
    X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore);
  store.OpenRead();
  // Look for the first certificate that is named SecureMathClient.
  // Look in the local machine store.
  X509CertificateCollection col=
    (X509CertificateCollection)store.FindCertificateBySubjectString(certName);
  X509Certificate cert =null;
  try
  {

// This sample obtains the first matching certificate from the collection.
    cert = col[0];
  }
  catch(Exception ex)
  {
    throw new Exception("Certificate not Found!");
  }

What I want now is how to access the webservice by passing the client certificate through my .net web application. I cannot add reference to the webservice by using Add Webreference because I get an error saying that particular webservice requires a certificate.

Some of the code samples I am refering to keeps talking about creating a webservice proxy. How do i create the proxy when  i cannont add the reference to the webservice?

 Thank you all in advance for your help

0
zubinbalsara
12/3/2008 9:51:55 PM
asp.net.security 27051 articles. 1 followers. Follow

1 Replies
838 Views

Similar Articles

[PageSpeed] 6

Hi zubinbalsara,

It's a question about Web Service. To get a quicker and better reply, I suggest you to ask it in XML Web Service here:

XML Web Services: http://forums.asp.net/28.aspx

Thanks.


David Qian
Microsoft Online Community Support

Please remember to mark the replies as answers if they help and unmark them if they provide no help.
0
Wencui
12/8/2008 9:44:24 AM
Reply:

Similar Artilces:

Connect to a Secure webservice with Client Certificate
HI,Hoping someone can help.  We have a web application developed in ASP.NET VB.  We are using a third party that provides data for our use in XML via a secure URL.  I am using XMLReader to read the XML, and works fine on a local test file.  However I can't get it to use the live data as I cannot connect securely.  The error is :System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.  I need to use a client certificate (which we have) to access the XML via a URL.   Unfortunately I dont know where to start ...

Question .NET 2.0 Webservices compatibility issue with .NET 1.1 Client
 Hi all,I have a web service that has been created in .NET 2.0 which returns a custom type 'trading addresses' which is based on a generic list containing trade address objects.Now I have called this web method from my .NET 1.1 client, and it seems I have a collection of type TradingAddresses. I am just wondering what exactly my type TradingAddresses is if it was a core Generic List in .NET 2.0. What do Generic list collections get converted to in .NET 1.1 when the wsdl is created?(also, some fields in the TradeAddress class are Nullable types, which is a .NET 2.0 only type, wh...

WS-Security with VS.NET 2005 Web Service and .NET 1.1 Client
We ship a webservices client piece into the field which is required to run on the .NET 1.1 version of the framework, this is defined by our business people and cannot change. We would like to work with .NET 2.0 in VS.NET 2005 for the backend Web Service piece. We are able to get the 2 to communicate fine and it is not a problem. The issue now is that we need to introduce security through WS-Security. I have not been able to find much information about interop between the 2 environments and WS-Security and cannot get the security elements to be invoked in VS.NET 2005. Currently we are trying ...

Canceling client certificate selection displays Secure Channel Client Authentication Required page
Hi, Part of our site (asp.net 2.0, IIS 6 on Win2003) allows clients to be authenticated using client certificates (http://www.unipass.co.uk/About.aspx). IIS has been properly configured to require SSL/128-bit encription and client certificates. When the page is requested, the pop-up to select client certificates is properly displayed, and after the selection of the valid certificate, everything works as it should. However, if the user chooses the "cancel" button on the certificate pop-up the white page is displayed saying only: Secure Channel Client Authentication Required Th...

.net WebService with java client
I am getting error when I try to call .net webservices from java client. I am using rpc style wsdl because the java client can only seems to work with it and also the fact that same java client is calling webservice hosted in j2ee webserver(weblogic). I am using this attribute outside of class : [SoapRpcService] And for each webservice method, I have this attribute: [SoapRpcMethod(Action="")] If I take out [SoapRpcMethod(Action="")] attribute for all method except one method then it seems to work(java client can consume this webservice) for that metho...

Vista Client Security Certificate
When installing the Vista Client for Novell we are getting prompted to accept the Certificate from Novell Inc. We accept this and it works but when deploying this application out it stops at this every time wanting us to accept this Certficate. Has anybody gotten around this as we have exported the cert and tried to import on other machines but still will prompt us on that machine too. Just want an easy way to bypass that prompt. Chad Coleman wrote: > When installing the Vista Client for Novell we are getting prompted to = > accept the Certificate from Novell Inc....

Security Certificate akamai.net
While trying to access my yahoo email account, a message popped up telling me that the security certificate' name was not valid, or it was not the correct one for the site's (yahoo's) name. The name on the certificate is a248.e.akamai.net. I looked up akamai.net with google but this doesn't seem to exist. Does someone know what's wrong (or right ?) about this, and what I should do ? Am I incurring some risk in accessing my mailbox ? Thanks aze "aze" <aze@aze.com> wrote in news:aesdhi$rai$1@news.grc.com: > akamai.net Try just akamai at g...

Developed C#.net WebService 1.1 for Client C#.net 1.1. Getting error "Server was unable to process the Request" Pls Help
Hi., I developed Microsoft C#.net Web Services2003 for the Client Application C#.net 2003. When it runs in 5 machines it gives good performance and has no errors. But if i run the same application in about 80 client machines. Getting error "Server was unable to process the request". I use Sql Server 2005 as my database. I get error even when i login at a time for about 25 users. Tried modifying machine.config too. But went unsuccessful. Live Server is 2003 using IIS 6.0 I use very expensive data handling.  Its very urgent pls help. Have to post in Live Server. Thank u., ...

Client auth only sending client certificate, not sending intermediate CA certificates
[ moved to this list, per = https://groups.google.com/d/msg/mozilla.support.firefox/Ba4MzFQxqP8/DbmDU= CbJqxkJ ] I was trying to figure why some of the uses were not having a chain sent = to the server for their client certificate, and it turns out Firefox = does not send (by default?) the chaining certs. After reviewing https://wiki.mozilla.org/PSM:CertPrompt , it seems = Firefox will 'validate' that the client cert can be chained, before = allowing the user to select it. Here is a snippet of a diff of the TLS Certificate, Client Key Exchange, = and Certificate Verify ...

Client auth only sending client certificate, not sending intermediate CA certificates
I was trying to figure why some of the uses were not having a chain sent = to the server for their client certificate, and it turns out Firefox = does not send (by default?) the chaining certs. After reviewing https://wiki.mozilla.org/PSM:CertPrompt , it seems = Firefox will 'validate' that the client cert can be chained, before = allowing the user to select it. Here is a snippet of a diff of the TLS Certificate, Client Key Exchange, = and Certificate Verify packets of IE and FF. Full packets upon request. $ diff -u firefox-client-TLS.txt internetExplorer-client-TLS.txt ...

using x509 certificate in securing a webservice
  i am using wse 3.0 to secure my webservice  but i am not getting it right  next are the steps that i followed tell me where i went wrong  1. used makecart  tool to creat a certificate 2. to secure  my webservice  i used wse 3.0  in server and client policy i used same sertificate so that every thing matches i configured my client and server with the same sertificate in that case    but in response of client  request i get this earror  Object contains only the public half of a key pair. A private key must also be provided.&nb...

Java Client and APS.NET Webservice
What is the best way to expose .net webservice methods in JAVA Client? I want to load all the classes in JAVA Client as we get these classes in .net IDE.   ANY HELP...........   Thanks Advance    In the .Net side you need to create any normal web service. This service exposes a WSDL file in some url (http://yourService/Service.asmx?WSDL. Then on the Java side you should choose any web services framework (e.g. axis2) and use it to translate the .Net created WSDL file to Java classes. For axis2 you have a command line wsdl2java. If you have problem...

WebService as client in .NET Remoting scenario
Hello... I am implementing .NET remoting with a WebService as client. All works fine the first time, but when I call again the method from WS that gets the remote object and calls a remote method, I don`t get into the method(I've put a breakpoint in it... and it stops only the first time...). The second time I get to this line... and ... it stops... no exeption.. no nothing.. remoteObject.Test(); where remoteObject = Activator.GetObject(typeof(Remotable), location) as Remotable; I`ve implemented a Singleton pattern for a Class in WS like this :   interface ISingleton ...

How to let clients install a security certificate?
How to let clients install a security certificate?  I have this certificate.cer file and I don't know how I am supposed let clients install it on our website....

Web resources about - Accesssing webservice with client certificate - asp.net.security

Wildcard certificate - Wikipedia, the free encyclopedia
In addition, wildcards themselves can have subjectAltName extensions, including other wildcards. For example: The wildcard certificate *.wikipedia.org ...

Dell apologizes for HTTPS certificate fiasco, provides removal tool
(credit: Leyram Odacrem ) Dell officials have apologized for shipping PCs with a certificate that made it easy for attackers to cryptographically ...

Dell responds to concerns over certificate vulnerability
... is less common. But, that's exactly what Dell has been doing, unintentionally of course. A problem has been discovered in the eDellroot certificate, ...

Protecting your site for free with Let's Encrypt SSL certificates and acmetool
... has been more elevated lately, due to their opening up their service as a public beta. If you don't know what Let's Encrypt is, it's a Certificate ...

Microsoft zaps dodgy Dell digital certificates
Microsoft has updated several of its security tools to remove two digital certificates installed on some Dell computers that could compromise ...

Dell installs self-signed root certificate on laptops, endangers users' privacy
Dell laptops are coming preloaded with a self-signed root digital certificate that lets attackers spy on traffic to any secure website. The ...

Dell Promises To Kill Dangerous Security Certificate It Shipped On PCs
Dell says it regrets the decision to install a dangerous "root certificate" for encrypted web use on its computers and promises to kill it for ...

Texas has only recently stepped up birth certificate enforcement for immigrants, records show
Texas has only recently stepped up birth certificate enforcement for immigrants, records show

Microsoft zaps dodgy Dell digital certificates
Microsoft has updated several of its security tools to remove two digital certificates installed on some Dell computers that could compromise ...

Dell Laptops Are Shipping With a Superfish-Like Certificate Vulnerability
Security researchers recently revealed that a certificate with security vulnerabilities has been shipping pre-installed on some Dell laptops. ...

Resources last updated: 12/8/2015 2:47:58 AM