.NET Tutorials, Forums, Interview Questions And Answers
Welcome :Guest
Sign In
Win Surprise Gifts!!!

Top 5 Contributors of the Month
Gaurav Pal
Post New Web Links

Getting client information from X.509 certificate in C# code

Posted By:      Posted Date: August 31, 2010    Points: 0   Category :ASP.Net
I have a WCF service which accepts X.509 certificate signed incoming messages. As per my understanding the client will send the message with signature encrypted using his private key and web services will decrypt the signature with client's public key. This ensures that the sender of the message is holder of the private key and that he is certified by the server trusted CA as "He is what he claims to be". It's being a highly secure application I need to give access to only certain clients regardless of whether they are trusted or not. (This is to take care of good turned bad scenario :-)) How do I achieve this? Is there any way to get the client information as subject name etc from his certificate in C# code? Is there any example of this usage? Thanks in advance,Jeet.    

View Complete Post

More Related Resource Links

Return of the Rich Client: Code Access Security and Distribution Features in .NET Enhance Client-Sid


Rich clients employ many of the features and conveniences of the operating system they run on, and the list of these features has been growing since the dawn of the PC. But as apps have migrated to the Web, the trend towards increasing client-side functionality has ground to a virtual halt. There are several reasons for this; chief among them are security and deployment problems. But that's all about to change. With the .NET Framework, you can participate in building the distributable rich client of the future. In this article, the author enumerates the pertinent features of .NET that will allow you to build safe, easily deployable controls. The features discussed include managed code, code access security, versioning control, Windows Forms classes, and isolation.

Jason Clark

MSDN Magazine June 2002

C# and the Web: Writing a Web Client Application with Managed Code in the Microsoft .NET Framework


When the author wanted to build a middleware Web client to connect to other applications over the Internet, he realized that the XMLHttpRequest COM object was not sufficient for his purposes. In order to build a Web client using managed code, the author had to use the HTTPWebRequest and HTTPWebResponse classes provided by the Microsoft .NET framework. These classes are used in the sample project as a substitute for the less powerful XMLHttpRequest COM object, allowing the author to build a full-featured Web client. They also take advantage of all the benefits that the CLR and managed code have to offer.

Avi Ben-Menahem

MSDN Magazine September 2001

sslstream client certificate validation error

Hi,I have taken server and client program from MSDN2 for sslstream. in that code client certifiacte authetication is made false  i want to enable that and do the code i have done some modification to the code but is giving error "RemoteCertificateNotAvailable" and i think that its not getting the client certificate at server side.So please can any one help me to do client server program using sslstream in which client certificate also needs to be validated.I am attaching my modified code of MSDN2Server sideusing System;using System.Collections;using System.Net;using System.Net.Sockets;using System.Net.Security;using System.Security.Authentication;using System.Text;using System.Security.Cryptography.X509Certificates;using System.IO;namespace Examples.System.Net{    public sealed class SslTcpServer     {        static X509Certificate serverCertificate = null;        // The certificate parameter specifies the name of the file         // containing the machine certificate.        // The following method is invoked by the RemoteCertificateValidationDelegate.        public static bool ValidateClientCertificate(              object sender,              X509Certificate certificate,              X509Chain chain,              SslPolicyErrors sslPolicyErrors)        {            SslPolicyErrors errors = sslPolicyErrors;            if (errors != SslPolicyErrors.None)            {

Sign outgoing body from client with custom endpoing behavior defined in code

I'm trying to sign (and sign only) the body of every outgoing message that uses this custom endpoint behavior.  When I first created this it was for signing a custom SOAP header.  We are moving away from that and going to just sign the body.  We have some applications that have 10+ web service references.  We don't want to touch the reference.cs for anything.  Below is the code I had before for signing the custom soap header.  I'm trying to modify it to just sign the body.  My modified code is below, and the error I get. Private Class CustomHeaderBehavior Implements ServiceModel.Description.IEndpointBehavior Public Sub New() End Sub Private Sub AddBindingParameters( _ ByVal endpoint As ServiceModel.Description.ServiceEndpoint, _ ByVal bindingParameters As ServiceModel.Channels.BindingParameterCollection) _ Implements ServiceModel.Description.IEndpointBehavior.AddBindingParameters Dim body As New Xml.XmlQualifiedName("Body", "http://schemas.xmlsoap.org/soap/envelope/") Dim BodyMsgPartSpec As New ServiceModel.Security.MessagePartSpecification() BodyMsgPartSpec.IsBodyIncluded = True Dim requirements As ServiceModel.Security.ChannelProtectionRequirements = bindingParameters.Remove(Of ServiceModel.Security.ChannelProtectionRequirements)() requirements

connect client certificate to an account in a membership database

Hello I have created a web service that authenticates with username and password, works fine.Basically this one, http://msdn.microsoft.com/en-us/library/ff649647.aspxNow I also want to connect to this web service using client certificates, works finehttp://msdn.microsoft.com/en-us/library/cc948997.aspx But I would like to when authenticated via client certificates, connect that certificate to a user in the membership database.So that I can use Roles.IsUserInRole(...) and such.I thought that, well if I implement a Custom certificate Validatorhttp://msdn.microsoft.com/en-us/library/ms733806.aspxthen I could check for example subject and map that against a created username in the membership database.But in the class X509CertificateValidatorpublic override void Validate(X509Certificate2 certificate)I don't have the same ability as when the user is authenticatedlike  void OnAuthenticateRequest(object source, EventArgs eventArgs)HttpApplication app = (HttpApplication)source;Basically how can I do this app.Context.User = new GenericPrincipal(new GenericIdentity(username, "Membership Provider"),roles);withinpublic override void Validate(X509Certificate2 certificate)and if that is not possible, can this be solved differently?Bottom line, how do I connect a client certificate to a user account in the membership database. Is there a MSDN article

Reading Certificate information in Windows Service

Hi, I have created windows service application, While starting the service i try to get the user certificate information using follwoing code. It is return nothing. but when i try to call the same set of code using windows application it returns the certificate. Can you provide any suggestion on why Windows service call not returning the certificate information. How we can get the certificate information in windows service application.     Dim matchedCertificate As X509Certificate2 = Nothing     Dim store As New X509Store(searchConfig.StoreName, searchConfig.StoreLocationEnumValue) store.Open(   OpenFlags.ReadOnly Or OpenFlags.OpenExistingOnly)     Dim matchedCertificates As X509Certificate2Collection = CType(store.Certificates, X509Certificate2Collection)     Dim findValue As Object     ' Apply all search criterias     For Each searchCriteria As SearchCriteria In searchConfig.SearchCriteria     ' Resolve tokens in findValue findValue = ResolveTokens(searchCriteria.FindValue) matchedCertificates =   DirectCast(matchedCertificates.Find(searchCriteria.FindTypeEnumValue, findValue, False), X509Certificate2Collection)       Trace.WriteLine(String.Format("Found {0} certs with search criteria {1}={2}", matchedCertificates.Count, s

Best way to Deploy InfoPath form with connection information and managed code

Hi, Whats the best way to deploy an InfoPath form with connection information and managed code. Is there way I can create a deployment package for this? Thanks in advance, San

C# Client App connecting to WSS3.0 with X.509 certificate

I have been unable to find much information on using smart cards and X.509 certificates when connecting to WSS 3.0.  I am able to build a Web Service Reference in VS 2010 just fine.  I get prompted for my cert, I select it, enter my pin and all is well.  But I am failing to handle it properly in my app.  I created a test method that creates the new WSS List object.  I assign System.Net.Credentials.DefaultCredentials to the Credentials. I then call GetListCollection.  I am never prompted for my cert, and I get a 500 error back from the server.  Everything works fine in IE and adding the reference so I think I missed a step, but I cannot figure out what that would be. I running the app with an account that has no relationship to the authentication domain WSS is part of, so I expected to be prompted for the cert when I tried to connect. Does anyone know how to do this, or offer up some guidance.  Thanks, LD

Can I invoke a client side script from server side code

Hi is it possible to involk a client side script from the server side code without any interaction from the client side?Such as a popup or alert box?I know I can code this with the page load or the click event, I would like to call the alert from within my serverside code and trigger the action from there.Thanks

SharePoint - Report Server - Client Certificate authentication

Hi,I have a SharePoint site collection which requires client certificates. On the server I have configured Reporting Services in integration mode.I can call reports on other site collections which don't require client certificates but not on the site which does. On the site which requires client certificates the pages fail with the following error message:'An unexpected error occurred while connecting to the report server. Verify that the report server is available and configured for SharePoint integrated mode. --> The request failed with HTTP status 403: forbidden'The error message indicates that SharePoint doesn't call the web service with a client certificate. Does anyone know how I can configure SharePoint to use a client certificate?Any help is greatly appreciated.Adam

How to get configuration information in side server-side code

I'm relatively new to writing code for sharepoint 2010, and one thing I'm curious about is how/where can I store configuration information, so that if I code on 1 platform and push to another, how do I keep things like the weburl, sites, lists, etc in a config file?  Is there a standard config file to use, or would it always be the web.config for the entire system? Specifically, if i start up code, how can I find a) what is the current weburl I'm on, b) what site/sitecollection, and c) a list of all lists? thanks  Rocky Sanders

Calling Serverside PageMethod function from an external page Client Side Code ?

there is many examples on the net about this issue .like this :http://sappidireddy.wordpress.com/2008/03/31/how-to-call-server-side-function-from-client-side-code-using-pagemethods-in-aspnet-ajax/But all javascript codes are in same aspx file including codebehind WebMethodsI wantto call a pagemethod from a js which is in another page.something like this : (javascript code but not in same aspx)PageMethods("www.externalpage.com").GetContactName(ctrl.value, CallSuccess, CallFailed, dest)).or calling WebMethods from javascript must only be defined in codebehind with linked aspx fileonly avaible in same aspx ?cant I call a Webmethod in a.aspx from a javascript in b.aspx ?any clue ?thanks.

convert client vbscript code to server side

Hi There, we have some .htm pages with client side vbscript,the code is pasted below, we want to get this page run on the server side so that we can access this from a URL, can you please advice how convert this code to be able to run on the server side. Client side code: <HTML><HEAD><TITLE>Select Module</TITLE> <SCRIPT LANGUAGE="VBScript" ><!--     Option Explicit        Dim College    Dim Modules    Dim ModulesArr    Dim counter    Dim MyModules         Set College = Top.App.ActiveCollege    Set Modules = College.Modules     'Sorts the ModulesArr Array by module name.    Sub SortModules(StartPosition, EndPosition)        Dim I, J        Dim CurrName, CurrIndex        For I = StartPosition to EndPosition            J = I            CurrIndex = ModulesArr(J, 0)            CurrName = ModulesArr(J, 1)             'while Mod

WCF client code Generation

Hi, I am new to WCF programming. I am confused in creating client code. Will it be created automatically when I add Service Reference or I will have to create it using Svcutil.exe or Both things: I will have to add service reference and then create client code using Svcutil.exe Kindly confirm.Amit Lohakare

how to fetch client side hardware information??

hi...i wanted to fetch the client side hardware information using the wmi queries please help me ...i have the code for fetching hardware information using the desktop application...i wanted to impliment this onto the web application..i think any code written onto the button click event will be executed onto the server and this will give the hardware information of the server..please help me

x509 - Client Certificate infrastructure for Asp.Net question

I dont have a lot of background with SSL and X509 configuration and support with my Asp.Net application, so I was wondering if someone can explain or point me in the right direction to MSDN or any other article or posting explaining if it's possible to do what I am looking to support in my environment.I have IIS 6.0 with SSL (Verisign cert) as well as "Require client certificates" working against a local installation of Microsoft Certificate Services, https://<domain>/certsrv, where users can request and install client certs (both xp clients for basic mode, and Vista/7 for advance mode).Here's what I am up against:I have a segment of users coming from a virtualized server environment where this environment does not store personal settings for more than 48 hours. It's not an internet cafe, but rather an actual business where their IT staff uses server images to reimage each virtual server in the farm every 48hrs. Thus losing all users data in the "Current Users" Certificate Stores.The IT staff give users a network folder share to store any personal items (docs, spreadsheets, links, etc.). The servers consist of Windows Server 2003, and will be migrating to Windows Server 2008 in the next 6-9 months.These users have rights in Internet Explorer to navigate to my certsrv site and use activex to to request and install certificates then clode and
ASP.NetWindows Application  .NET Framework  C#  VB.Net  ADO.Net  
Sql Server  SharePoint  Silverlight  Others  All   

Hall of Fame    Twitter   Terms of Service    Privacy Policy    Contact Us    Archives   Tell A Friend