Click here to Skip to main content
Click here to Skip to main content

Send a private client certificate (p12) in HTTP Post

By , 23 Jul 2012
Rate this:
Please Sign up or sign in to vote.

I was developing an application to post xml data to a URL (REST call) using ASP.NET and C#. The endpoint was hosted with a third party vendor and they had a much secured hosting environment. Their endpoints were https and they installed and generated the private client certificate (a password protected .p12 file) on their servers to prevent unwanted requests / hits.

So to access their endpoints one has to have that client certificate, basically any request to the endpoints should have the client certificate enclosed with the request data, even if you are requesting it from browser window you have to have that certificate installed in your browser.

To resolve the same first I installed that certificate on my development server, then I could able to request that URL from browser window. But when I did the same using my asp.net C# code using httpwebrequest object I got 403 forbidden error as the request was not sending the client certificate with XML data.

Ideally, if you have any .cer file you can add it with request object by using X509Certificate class but in case of private client certificate it just doesn’t work for that you have to use X509Certificate2 class, Here is the code snippet. You need to place the .p12 file in your webserver’s hard drive.

public string PostData(string DataToPost,string URL)
{
String result = "";
String strPost = "RequestXML=" + DataToPost;
StreamWriter myWriter = null;
HttpWebRequest objRequest = (HttpWebRequest)WebRequest.Create(URL);
objRequest.Method = "POST";
objRequest.ContentLength = strPost.Length;
objRequest.ContentType = "application/x-www-form-urlencoded";
objRequest.ClientCertificates.Add(new X509Certificate2(@"E:\Certificate\clientcertificate.p12", "password"));
try
{
myWriter = new StreamWriter(objRequest.GetRequestStream());
myWriter.Write(strPost);
}
catch (Exception e)
{
//
}
finally
{
myWriter.Close();
}
HttpWebResponse objResponse = HttpWebResponse)objRequest.GetResponse();
using (StreamReader sr =
new StreamReader(objResponse.GetResponseStream()))
{
result = sr.ReadToEnd();
// Close and clean up the StreamReader
sr.Close();
}return result;
}

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

About the Author

Shabbir Lathsaheb
Software Developer (Senior)
India India
I am Shabbir Husain Lathsaheb (@SHLathsaheb). Programming is both my passion and profession. I work with a Web Application Development firm as a Sr. Software Engineer and in my free time I am a consultant, I love to sleep and am a movie buff. Do visit My blog to know more.
Follow on   Twitter   Google+

Comments and Discussions

 
QuestionThank you PinmemberArjun Arora15-Sep-13 13:57 

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

| Advertise | Privacy | Mobile
Web03 | 2.8.140415.2 | Last Updated 23 Jul 2012
Article Copyright 2012 by Shabbir Lathsaheb
Everything else Copyright © CodeProject, 1999-2014
Terms of Use
Layout: fixed | fluid