Click here to Skip to main content
11,409,097 members (49,045 online)
Rate this: bad
Please Sign up or sign in to vote.
See more: ssl certificate Client
I am having trouble with my project, when i add the client certificates to my requests (sslstream or httpwebrequest) they end up being null on the other end of the request. Does anyone have any ideas?

Code Sample:

           public void RunClient()
                string machineName = "my-loaner.myworld.local";
                string serverName= "clientmachine";
                //get the client certificate from the store on the local machine               
               xCert = PickCertificate(StoreLocation.LocalMachine, StoreName.My);
               // Load the certificate into an X509Certificate object.
                var xCertColl = new X509CertificateCollection {xCert};
                // Create a TCP/IP client socket.
                // machineName is the host running the server application.
                TcpClient client = new TcpClient(machineName,443);
                //Console.WriteLine("Client connected.");
                // Create an SSL stream that will close the client's stream.
                SslStream sslStream = new SslStream(
                    new RemoteCertificateValidationCallback(ValidateServerCertificate),
                // The server name must match the name on the server certificate.
                    sslStream.AuthenticateAsClient(serverName, new X509CertificateCollection(xCertColl), SslProtocols.Tls, false);
                catch (AuthenticationException e)
                    Console.WriteLine("Exception: {0}", e.Message);
                    if (e.InnerException != null)
                        Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
                    Console.WriteLine("Authentication failed - closing the connection.");
                byte[] messsage =Encoding.UTF8.GetBytes("GET /default.aspx?=23 HTTP/1.1\r\nHost: my-loaner.myworld.local\r\nAccept: */*\r\n\r\n");
                // Send hello message to the server. 
                StreamResponse = sslStream;
                Image2.ImageUrl = WriteRequest();
                // Read message from the server.
               // string serverMessage = ReadMessage(sslStream);
                //Console.WriteLine("Server says: {0}", serverMessage);
                // Close the client connection.
                Console.WriteLine("Client closed.");
private static X509Certificate2 PickCertificate(
                         StoreLocation location, StoreName name)
            var store = new X509Store(name, location);
                X509Certificate2 cert;
                if(store.Certificates.Count == 1)
                    cert = store.Certificates[0];
                // pick a certificate from the store
                     cert =
                            store.Certificates, "Caption",
                            "Message", X509SelectionFlag.SingleSelection)[0];
                // show certificate details dialog
               // X509Certificate2UI.DisplayCertificate(cert);
                return cert;
            finally { store.Close(); }
Posted 10-Sep-12 9:19am
Edited 10-Sep-12 11:13am
Wes Aday94.3K
Sergey Alexandrovich Kryukov at 10-Sep-12 15:34pm
Hardly, because you did not supply relevant information. I does not qualify as a question, just not yet. How about a code sample? If you can do it, don't reply, just use "Improve question" above.
Rate this: bad
Please Sign up or sign in to vote.

Solution 1

Have you enabled client certificates:[^]

Some guide lines from MS:[^]

Also look at the following code get some initial idea on ICertificatePolicy interface:
using System;
using System.IO;
using System.Net;
using System.Security.Cryptography.X509Certificates;
using System.Text;
public class HttpWebRequestClientCertificateTest : ICertificatePolicy {
    public bool CheckValidationResult (ServicePoint sp, X509Certificate certificate,
            WebRequest request, int error)
            return true; // server certificate's CA is not known to windows.
    public void RunClient(string certficatepath, string password=null)
            string host = "https://localhost:1234/";
            if (args.Length > 0)
                    host = args[0];
            X509Certificate2 certificate = null;
            certificate = new X509Certificate2 (certficatepath, password);
            ServicePointManager.CertificatePolicy = new HttpWebRequestClientCertificateTest ();
            HttpWebRequest req = (HttpWebRequest) WebRequest.Create (host);
            if (certificate != null)
                    req.ClientCertificates.Add (certificate);
            WebResponse resp = req.GetResponse ();
            Stream stream = resp.GetResponseStream ();
            StreamReader sr = new StreamReader (stream, Encoding.UTF8);
            Console.WriteLine (sr.ReadToEnd ());
Mathlab at 14-Sep-12 9:18am
I took a look at your code and it does seem as if you have tested it properly before sending it you have logical errors
Rate this: bad
Please Sign up or sign in to vote.

Solution 2

I had a problem with the service point manager where the certificate was not trusted on the server that I tried to access.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
0 OriginalGriff 350
1 Sergey Alexandrovich Kryukov 310
2 Maciej Los 155
3 Peter Leow 140
4 Dave Kreskowiak 115
0 Sergey Alexandrovich Kryukov 8,676
1 OriginalGriff 6,855
2 Maciej Los 3,322
3 Abhinav S 3,238
4 Peter Leow 3,034

Advertise | Privacy | Mobile
Web03 | 2.8.150414.5 | Last Updated 2 Nov 2012
Copyright © CodeProject, 1999-2015
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100