Click here to Skip to main content
12,554,041 members (67,018 online)
Rate this:
Please Sign up or sign in to vote.
See more: SSL certificate Client
I am having trouble with my project, when i add the client certificates to my requests (sslstream or httpwebrequest) they end up being null on the other end of the request. Does anyone have any ideas?

Code Sample:

           public void RunClient()
                string machineName = "my-loaner.myworld.local";
                string serverName= "clientmachine";
                //get the client certificate from the store on the local machine               
               xCert = PickCertificate(StoreLocation.LocalMachine, StoreName.My);
               // Load the certificate into an X509Certificate object.
                var xCertColl = new X509CertificateCollection {xCert};
                // Create a TCP/IP client socket.
                // machineName is the host running the server application.
                TcpClient client = new TcpClient(machineName,443);
                //Console.WriteLine("Client connected.");
                // Create an SSL stream that will close the client's stream.
                SslStream sslStream = new SslStream(
                    new RemoteCertificateValidationCallback(ValidateServerCertificate),
                // The server name must match the name on the server certificate.
                    sslStream.AuthenticateAsClient(serverName, new X509CertificateCollection(xCertColl), SslProtocols.Tls, false);
                catch (AuthenticationException e)
                    Console.WriteLine("Exception: {0}", e.Message);
                    if (e.InnerException != null)
                        Console.WriteLine("Inner exception: {0}", e.InnerException.Message);
                    Console.WriteLine("Authentication failed - closing the connection.");
                byte[] messsage =Encoding.UTF8.GetBytes("GET /default.aspx?=23 HTTP/1.1\r\nHost: my-loaner.myworld.local\r\nAccept: */*\r\n\r\n");
                // Send hello message to the server. 
                StreamResponse = sslStream;
                Image2.ImageUrl = WriteRequest();
                // Read message from the server.
               // string serverMessage = ReadMessage(sslStream);
                //Console.WriteLine("Server says: {0}", serverMessage);
                // Close the client connection.
                Console.WriteLine("Client closed.");
private static X509Certificate2 PickCertificate(
                         StoreLocation location, StoreName name)
            var store = new X509Store(name, location);
                X509Certificate2 cert;
                if(store.Certificates.Count == 1)
                    cert = store.Certificates[0];
                // pick a certificate from the store
                     cert =
                            store.Certificates, "Caption",
                            "Message", X509SelectionFlag.SingleSelection)[0];
                // show certificate details dialog
               // X509Certificate2UI.DisplayCertificate(cert);
                return cert;
            finally { store.Close(); }
Posted 10-Sep-12 8:19am
Updated 10-Sep-12 10:13am
Wes Aday104.2K
Sergey Alexandrovich Kryukov 10-Sep-12 15:34pm
Hardly, because you did not supply relevant information. I does not qualify as a question, just not yet. How about a code sample? If you can do it, don't reply, just use "Improve question" above.
Rate this: bad
Please Sign up or sign in to vote.

Solution 1

Have you enabled client certificates:[^]

Some guide lines from MS:[^]

Also look at the following code get some initial idea on ICertificatePolicy interface:
using System;
using System.IO;
using System.Net;
using System.Security.Cryptography.X509Certificates;
using System.Text;
public class HttpWebRequestClientCertificateTest : ICertificatePolicy {
    public bool CheckValidationResult (ServicePoint sp, X509Certificate certificate,
            WebRequest request, int error)
            return true; // server certificate's CA is not known to windows.
    public void RunClient(string certficatepath, string password=null)
            string host = "https://localhost:1234/";
            if (args.Length > 0)
                    host = args[0];
            X509Certificate2 certificate = null;
            certificate = new X509Certificate2 (certficatepath, password);
            ServicePointManager.CertificatePolicy = new HttpWebRequestClientCertificateTest ();
            HttpWebRequest req = (HttpWebRequest) WebRequest.Create (host);
            if (certificate != null)
                    req.ClientCertificates.Add (certificate);
            WebResponse resp = req.GetResponse ();
            Stream stream = resp.GetResponseStream ();
            StreamReader sr = new StreamReader (stream, Encoding.UTF8);
            Console.WriteLine (sr.ReadToEnd ());
Mathlab 14-Sep-12 9:18am
I took a look at your code and it does seem as if you have tested it properly before sending it you have logical errors
Rate this: bad
Please Sign up or sign in to vote.

Solution 2

I had a problem with the service point manager where the certificate was not trusted on the server that I tried to access.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

  Print Answers RSS
Top Experts
Last 24hrsThis month

Advertise | Privacy | Mobile
Web01 | 2.8.161021.1 | Last Updated 2 Nov 2012
Copyright © CodeProject, 1999-2016
All Rights Reserved. Terms of Service
Layout: fixed | fluid

CodeProject, 503-250 Ferrand Drive Toronto Ontario, M3C 3G8 Canada +1 416-849-8900 x 100