[Mono-list] HttpWebRequest and client certificates

Sebastien Pouliot sebastien.pouliot at gmail.com
Wed May 9 13:43:53 EDT 2007 

Bonjour Samuel,

I did commit the hack into SVN and it does work with XSP(*). Let me know
if this works, or not, in your web service scenario.

(*) http://www.mono-project.com/UsingClientCertificatesWithXSP
wiki page was updated to reflect this

Sebastien

On Mon, 2007-05-07 at 13:25 -0400, Sebastien Pouliot wrote:
> Bonjour Samuel,
> 
> On Wed, 2007-05-02 at 14:29 +0200, Samuel CARRIERE wrote:
> 
> 5 days to get this email ? I guess/hope you're not subscribed to the
> list.
> 
> > >On Mon, 2007-03-12 at 17:46 +0100, Michal Ziemski wrote:
> > >> Hi!
> > >> 
> > >> Does HttpWebRequest support client certificates in mono?
> > >> Th FAQ 
> > >>
> > (http://www.mono-project.com/FAQ:_Security#Are_SSL_client_certificates_supported_.3F)
> > >> states it doesn't in 1.1, but might in 2.0
> > >> 
> > >> Does it work in 2.0?
> > >
> > >There as been progress, both for the new X509Certificate2 and
> > X509Store
> > >classes, but the HttpWebRequest code hasn't yet been updated. This
> > part
> > >is somewhat interlocked with the new SslStream class (2.0) and how
> > we'll
> > >provide it. 
> > >
> > >However at this stage it may be possible to make a quick hack to add
> > >client-side certificate support for *some* 2.0 apps (depending on how
> > >the certificate is loaded).
> > >
> > >> 
> > >> Cheers!
> > >> Michal Ziemski
> > >> 
> >  
> > Hi everybody,
> >  
> > I am working on a C# mono application that needs client certificates
> > to call a webservice.
> > Sebastien, can you explain a bit what sort of "quick hack" it may be
> > possible to make, to
> > make this following test code work ?
> >  
> >  static void Main(string[] args)
> >  {
> >     // Instanciate webservice client
> >     WSAddition.Addition client = new testWsSSL.WSAddition.Addition();
> >     X509Certificate2 Cert = new
> > X509Certificate2("/my/clientCertificate.p12", "password");
> >     client.ClientCertificates.Add(Cert); 
> >     // Call webservice method
> >     int result = client.add(5,6);
> >     Console.WriteLine("Result : " + result);
> >  }
> > 
> > Does it require to hack the HttpWebRequest class ?
> 
> Yes, but it should be simple. The hack is to supply the private key
> (available from X509Certificate2) to the SSL code.
> 
> It would probably take me much longer to set up a client and server web
> service to test it than to implement it. However if you open a bug
> report (http://bugzilla.ximian.com) with a client, working with a public
> SSL/client certificate web service, I should be able to add this fairly
> quickly.

More information about the Mono-list mailing list