.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
david stephan
Gaurav Pal
Post New Web Links

Need help creating Secure Site that will require client certificate

Posted By:      Posted Date: December 04, 2010    Points: 0   Category :.NET Framework


I am trying to create a secure web service that will require certificate from clients. I'm not working with WCF, just a web service. This is what I did so far:

On the default web site, where I have other web sites that are not secured, I've configured one of the virtual directories in the following way: Directoy Security->Secure Communication -> Edit I've Tagged Require SSL, and Require client certificate. Then, I've created a Many to One Mapping rule that maps a certificate, by CN to a certain user account.

When I try to access the web site, with a client application (https://SERVERNAME/VIRTUALDIRECTORY/ASMXFILE.asmx) I get the following message :

"Unable to connect to the remote server"

Ofcourse I send a proper certificate.

What am I doing wrong?


View Complete Post

More Related Resource Links

C# - Creating web client for automating user activity on a HTTPS site

I've been wracking my brain for a couple of weeks on this.  I need to create a web client (I don't want to use the webBrowser control because I need this to be as lightweight as possible) to log in to a secure web site, and then effectively click links and fill in fields to get the data that would normally be displayed in the web browser.  I'm then going to parse the data and perform other actions with it. I have been working with HttpWebRequest and HttpWebResponse and many permutations of suggestions I have found while Googling my issue, but I can't get rid of my problem:  Sometimes when I effictively click the ultimate link that I need to click to get to my data, I get what I am looking for.  However, MOST of the timel, I get a response page that tells me my connection timed out and that I need to log in again.  I have tried messing with cookies and such, but to no avail. I know it's good form to post my code, but it is so sloppy and screwed up right now from tweaking this and trying that, that I'd rather not take the approach of fixing what's there, rather I'd like to start with solid, clean code to begin with. Your help will be greatly appreciated. Thanks, ALo

SP2010 SSL Crawl Fails - Accessing this site requires a client certificate.


Full error Message:  Accessing this site requires a client certificate. Specify a client certificate in the crawl rules.

I added the Crawl Rule and Content Source for the test site https://sp.xxxx.com/TestSite and tried specifying each available client certificates in the rules one by one, but the crawl still fails.





What kind of certificate does it needs and how to enable it? I know that the *.xxxx.com certificate is used for our SSL.


DHTML and .NET: Host Secure, Lightweight Client-Side Controls in Microsoft Internet Explorer


In the past, Web developers often used ActiveX controls if they wanted customized client-side functionality incorporated into their Web applications. Now, they can build objects supported by the Microsoft .NET Framework which are more compact, lightweight, secure, and seamlessly integrated. By hosting .NET Windows Forms controls in Internet Explorer, developers can realize many of their client-side Web development goals. This article adapts ActiveX concepts for use with Windows Forms, and builds a multifile upload application that demonstrates these techniques.

Jay Allen

MSDN Magazine January 2002

Secure Sockets Layer: Protect Your E-Commerce Web Site with SSL and Digital Certificates


Security is one of the most important factors in the future growth of e-businesses. Making sure that communications remain secure between customers and the Web server is a critical issue. Secure Sockets Layer (SSL) is the standard that secure Web sites are built upon today. This article presents an overview of SSL-based Web security, explaining such fundamental concepts as digital certificates and their distribution, encryption, and the proper configuration of Microsoft Internet Information Services (IIS). Acquiring a certificate, installing it, and configuring IIS for SSL are outlined in a step-by-step process.

John Papa

MSDN Magazine April 2001

Sharepoint site client access denied


I have an sharepoint application which was working fine.

I encountered a license expired message in sql server enterprise evaluation 2008 version after which i changed the date to 2 months earlier date, I have also changed HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\100\ConfigurationState to 3 after which sql server started working but the issue is that the clients are unable to access the sharepoint site completely. On providing the url the web site requests for logon information and then access is denied. The same url with the same authentication credentials is accessible from the server and the entire application works fine from the server. 

From the  client the below error page appears.

You are not authorized to view this page

You do not have permission to view this directory or page using the credentials that you supplied.

Please try the following:

  • Contact the Web site administrator if you believe you should be able to view this directory or page.
  • Click the Refresh button to try again with different credentials.

HTTP Error 401.1 - Unauthorized: Access is denied due to invalid credentials.
Internet Information Services (IIS)


Programmatically creating a SharePoint Site based on user input


I am working on developing a “Create Website Wizard” for SharePoint 2007 that would do the following (I am simplifying a little for the sake of this post):


1.      Take user input as follows:



Product Code:

Category (I, II, III):

The category will be a choice field (radio buttons or a dropdown)

sslstream client certificate validation error

Hi,I have taken server and client program from MSDN2 for sslstream. in that code client certifiacte authetication is made false  i want to enable that and do the code i have done some modification to the code but is giving error "RemoteCertificateNotAvailable" and i think that its not getting the client certificate at server side.So please can any one help me to do client server program using sslstream in which client certificate also needs to be validated.I am attaching my modified code of MSDN2Server sideusing System;using System.Collections;using System.Net;using System.Net.Sockets;using System.Net.Security;using System.Security.Authentication;using System.Text;using System.Security.Cryptography.X509Certificates;using System.IO;namespace Examples.System.Net{    public sealed class SslTcpServer     {        static X509Certificate serverCertificate = null;        // The certificate parameter specifies the name of the file         // containing the machine certificate.        // The following method is invoked by the RemoteCertificateValidationDelegate.        public static bool ValidateClientCertificate(              object sender,              X509Certificate certificate,              X509Chain chain,              SslPolicyErrors sslPolicyErrors)        {            SslPolicyErrors errors = sslPolicyErrors;            if (errors != SslPolicyErrors.None)            {

connect client certificate to an account in a membership database

Hello I have created a web service that authenticates with username and password, works fine.Basically this one, http://msdn.microsoft.com/en-us/library/ff649647.aspxNow I also want to connect to this web service using client certificates, works finehttp://msdn.microsoft.com/en-us/library/cc948997.aspx But I would like to when authenticated via client certificates, connect that certificate to a user in the membership database.So that I can use Roles.IsUserInRole(...) and such.I thought that, well if I implement a Custom certificate Validatorhttp://msdn.microsoft.com/en-us/library/ms733806.aspxthen I could check for example subject and map that against a created username in the membership database.But in the class X509CertificateValidatorpublic override void Validate(X509Certificate2 certificate)I don't have the same ability as when the user is authenticatedlike  void OnAuthenticateRequest(object source, EventArgs eventArgs)HttpApplication app = (HttpApplication)source;Basically how can I do this app.Context.User = new GenericPrincipal(new GenericIdentity(username, "Membership Provider"),roles);withinpublic override void Validate(X509Certificate2 certificate)and if that is not possible, can this be solved differently?Bottom line, how do I connect a client certificate to a user account in the membership database. Is there a MSDN article

The SMTP server requires a secure connection or the client was not authenticated.........

i am using asp.net & have a emailing modulewhen i use gmail host i amable 2 send the mail but when i am using yahoo host i get  error msgthe yahoo id & password are right  but still getting the below msg ---------------------------Windows Internet Explorer---------------------------  ' The SMTP server requires a secure connection or the client was not authenticated. Authentication Required. '   ---------------------------OK   ---------------------------

Getting client information from X.509 certificate in C# code

I have a WCF service which accepts X.509 certificate signed incoming messages. As per my understanding the client will send the message with signature encrypted using his private key and web services will decrypt the signature with client's public key. This ensures that the sender of the message is holder of the private key and that he is certified by the server trusted CA as "He is what he claims to be". It's being a highly secure application I need to give access to only certain clients regardless of whether they are trusted or not. (This is to take care of good turned bad scenario :-)) How do I achieve this? Is there any way to get the client information as subject name etc from his certificate in C# code? Is there any example of this usage? Thanks in advance,Jeet.    

RijndaelManaged - Creating a secure yet retrievable Key, IV, and Salt?

I'm developing an ASP.NET application and for various reasons that are too lengthy to discuss here, using FormsAuthentication to handle login will not work. Therefore, I needed an alternate way to encrypt login data before storing it into a cookie (if the user decides to save their username and password for future visits to my site) and stumbled across RijndaelManaged. However, I need some information on how to securely generate a Key, an Initialization Vector, and a Salt. All of the examples on the web show code that either uses the default randomly-generated values in the RijndaelManaged object, which is an unrealistic solution since the RijndaelManaged object will be lost as soon as the method ends and I need to be able to decrypt the cookies days or even weeks later, or they hard code these values into the source code, which is insecure.

Creating a new root Site Collection using a custom site definition file (ONET.XML)

Using Powershell, I am trying to deploy the our custom solution to SP 2010.  The script is doing the following: Deleting the web application using Remove-SPWebApplication Creating a new web application using New-SPWebApplication Adding and deploying a series of WSP files (one of which has the site definition file in it) using Add-SPSolution and Install-SPSolution Create a root site collection based on the site definition file provided in the WSPs using New-SPSite I get the error "WARNING: Template is not found and is not applied." When I run Get-SPWebTemplate, my site definition does not show up. I saw this: http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/5ea46e07-a4b0-4bab-b698-9b6eeb695607 but I want a solution that does not involve me reloading a DLL, as, I feel there is something else I am forgetting. I have also tried: IISReset Resetting the timer service Cleaning the Cache (as described here: http://support.microsoft.com/kb/939308) Nothing seems to work.  Does anyone have any ideas?

Using Outlook as Client for WSS Site

We have a WSS Project Management site on one of our servers. We are trying to give our users access to forms showing them the status of their requests and a form to allow them to add projects through Outlook 2007 which runs on Exchange 2003. We found a post on how to add a new folder item in Outlook and set the Home Page as the sharepoint URL for application pages (web part pages created through WSS). This works very well, except where you try and use a Person Lookup button or edit the properties of a document in a document list. I have noticed that the address box in Outlook shows "Outlook:ITInformation\My Live Projects". If you click on one of the Sharepoint Quick Menu or Top Menu items that appear Outlook Window, the address box changes to http:// address of the page on the Sharepoint and buttons and menus work. I am trying to create a focused version for our users rather than them have to work their way through the whole site to get to the information relevant to them. I have searched the web for information on this, but I have now reached a brickwall. Can anyone help?

In Sharepoint 2007 while creating a group "Give Group Permission to this Site" section is missing

I have a strange anamoly in Sharepoint 2007 but I am guessing I am missing some minor step since I am new to Sharepoint. I am trying to create a new group which I have done before successfully. 1.On the home page of the site,  I click Site Actions, point to Site Settings, and then click People and Groups. 2.On the New menu, I click New Group. 3.Type a name for the group, and then type a brief description of the group's attributes in About Me. 4.I change the owner of the group or click Browse to find an individual's account name. 5.In the Group Settings section, I click the options to specify who can see the members of this group and who can add or remove members. 6.In the Membership Requests section, I click the options (No, No) and no email address entered Here is the problem part: I am supposed to see  the "Give Group Permission to this Site section"  but I see only Create and Cancel buttons.   Can you please help why I do not see  "Give Group Permission to this Site section". Is there another way to assign group permission?

Need suggestion's and guidelines for designing and creating WCF client channel pool

  What factor's should be considered for creating a WCF client channel pool? 1)Whether it is advisable to create a pool of pre-opened channel's?or create a new channel as an when needed?which one is expensive operation? 2)what should be the pool size? 3)how pool will support if concurrent request's are coming which use different binding's? 4)what should be channel lifetime? 5)If all the connection's in the pool are busy,whether we should wait till the free channel's are available in the pool or create new one's which is expensive?which one is better? if anybody is able to provide some usefull links it will be helpfull.

Creating a Resource Reservation Site - suggestions on how to accomplish

After some suggestions here for solutions. We upgraded from SharePoint 2007 to SharePoint 2010, and the RoomEquipmentReservations.wsp template stopped working. We knew it might happen - so no shock there. We need a way of allowing staff to view and reserve resources (such as ICT Rooms, Digital Cameras). I have tried using a group calendar, but this has two major issues: I can find no way of having all of the resources shown when the site is accessed, the user has to add them in. When you click a resource after adding them in, it thinks you want to book all of the resources shown. To summarise what we are trying to achieve: A calendar style list showing all resources and any bookings for those resources (gantt style?) The ability to have the user click a free slot on the calendar above and be asked to enter other information about the booking. Once a booking is made, the user who created it. Any suggestions on how best to make all of this happen? As an aside: anyone know if MS are going to be recreating the 40 application templates for SharePoint 2010? Thanks. Craig.

Help with creating graphs in a site page from figurative data in custom list

Guys Can anyone provide me with someone help please? I need to be able show a graphs/line format in a web part of a site page on my SP 2010 site. I want to use some changing figurative data that is contained within a custom list change a the line/pie chart graph on the fly that is located within a chart/line graph in a site page. Basically when the data in the custom list gets changed by my resources I want to be able to see the changes in the graph almost like a live dashboard. I would be very greatful for some help. Note: I am not a coder nore do I ever claim to be, but if I could get a step by step guide on how to achieve this then I would be very greatful. I have a good understanding of SP but I am not to the coder. I able to supply the list if necessary and if someone could provide me with the code/or if code is not necessary for this task then please can you advise how? Many Thanks Mike Gowlett PMP P2P (MCSE, MSP, Old School :-) 
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend