sending x509 certificates in https request

sedj · Feb 22, 2007

Hi,

I'm attempting to send an x509 certificate along with an http(s) request, but I don't think its actually sending the cert over the connection. There are no errors apparent either when running the code.

I'm fairly sure the cert is not being sent, because I wrote a test SSL server for the client to hit so I can see exactly the data being sent.

Code:

HttpWebRequest request = (HttpWebRequest)WebRequest.Create("[URL unfurl="true"]https://localhost/bla");[/URL]

X509Certificate cert = X509Certificate2.CreateFromCertFile(fileName);

request.ClientCertificates.Add(cert);

... send data etc ...

Anybody have any ideas ?

Cheers

--------------------------------------------------
Free Java/J2EE Database Connection Pooling Software

http://www.primrose.org.uk

sedj · Feb 26, 2007

Turns out that the code is fine - the certificate is validated in the SSL layer, so is never propogated through to the HTTP layer in a HTTP/SSL (HTTPS) server.

You can configure your web server (ie Apache in our case) to validate, and propogate the x509 cert details back to your server side code (ie Tomcat in our case) by using certain mod_ssl directives .

--------------------------------------------------
Free Java/J2EE Database Connection Pooling Software

http://www.primrose.org.uk

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

sending x509 certificates in https request

sedj

Programmer

sedj

Programmer

Similar threads

Part and Inventory Search

Sponsor