Click here to Skip to main content
15,886,012 members
Search within:


Articles / Programming Languages / C#
 
Technical Blog
View Original

Send a private client certificate (p12) in HTTP Post

Rate me:
Please Sign up or sign in to vote.
5.00/5 (4 votes)
23 Jul 2012CPOL1 min read 56.9K   3   3
I was developing an application to post xml data to a URL (REST call) using asp.net and C#. The endpoint was hosted with a third party vendor and they had a much secured hosting environment.

I was developing an application to post xml data to a URL (REST call) using ASP.NET and C#. The endpoint was hosted with a third party vendor and they had a much secured hosting environment. Their endpoints were https and they installed and generated the private client certificate (a password protected .p12 file) on their servers to prevent unwanted requests / hits.

So to access their endpoints one has to have that client certificate, basically any request to the endpoints should have the client certificate enclosed with the request data, even if you are requesting it from browser window you have to have that certificate installed in your browser.

To resolve the same first I installed that certificate on my development server, then I could able to request that URL from browser window. But when I did the same using my asp.net C# code using httpwebrequest object I got 403 forbidden error as the request was not sending the client certificate with XML data.

Ideally, if you have any .cer file you can add it with request object by using X509Certificate class but in case of private client certificate it just doesn’t work for that you have to use X509Certificate2 class, Here is the code snippet. You need to place the .p12 file in your webserver’s hard drive.

C#
public string PostData(string DataToPost,string URL)
{
String result = "";
String strPost = "RequestXML=" + DataToPost;
StreamWriter myWriter = null;
HttpWebRequest objRequest = (HttpWebRequest)WebRequest.Create(URL);
objRequest.Method = "POST";
objRequest.ContentLength = strPost.Length;
objRequest.ContentType = "application/x-www-form-urlencoded";
objRequest.ClientCertificates.Add(new X509Certificate2(@"E:\Certificate\clientcertificate.p12", "password"));
try
{
myWriter = new StreamWriter(objRequest.GetRequestStream());
myWriter.Write(strPost);
}
catch (Exception e)
{
//
}
finally
{
myWriter.Close();
}
HttpWebResponse objResponse = HttpWebResponse)objRequest.GetResponse();
using (StreamReader sr =
new StreamReader(objResponse.GetResponseStream()))
{
result = sr.ReadToEnd();
// Close and clean up the StreamReader
sr.Close();
}return result;
}

License

This article, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)



Comments and Discussions

 
First Prev Next
QuestionHelp Pin
Member 1128026320-Jan-21 21:02
Member 1128026320-Jan-21 21:02 
Questionsaved my day !!!! Pin
KarthikJIyer23-Oct-15 11:14
KarthikJIyer23-Oct-15 11:14 
QuestionThank you Pin
Arjun Arora15-Sep-13 13:57
Arjun Arora15-Sep-13 13:57 
Last Visit: 31-Dec-99 18:00     Last Update: 25-Apr-24 10:04Refresh1

General General    News News    Suggestion Suggestion    Question Question    Bug Bug    Answer Answer    Joke Joke    Praise Praise    Rant Rant    Admin Admin   

Use Ctrl+Left/Right to switch messages, Ctrl+Up/Down to switch threads, Ctrl+Shift+Left/Right to switch pages.

Permalink
Advertise
Privacy
Cookies
Terms of Use
Layout: fixed | fluid

Posted 23 Jul 2012

Article Copyright 2012 by Shabbir Lathsaheb
Everything else Copyright © CodeProject, 1999-2024

Web01 2.8:2024-04-02:1