PKCS Certificates

PKCS Certificates

Post by Hodg » Tue, 18 Feb 2003 07:37:31



I'm trying to connect to an HTTPS site in order to post
an XML stream to it.  I have the required client PKCS
certificate and can connect to the site using IE
(although it does prompt me to select a certificate to
use).

Now, I want to code this to automatically send the XML to
the server, but my problem is that when I try to use the
HttpWebRequest and add the exported .cer file to the
ClientCertificates collection, my connection fails.

Can anyone point me in the right direction please?

Hodge.

 
 
 

PKCS Certificates

Post by Mike Moore [Microsoft » Thu, 20 Feb 2003 07:58:03


Hi Hodge,

I'm looking for someone who can assist you.

Thank you, Mike Moore
Microsoft, ASP.NET

This posting is provided "AS IS", with no warranties, and confers no rights.

--------------------

>Content-Class: urn:content-classes:message


>Subject: PKCS Certificates
>Date: Sun, 16 Feb 2003 14:37:31 -0800
>Lines: 14

>MIME-Version: 1.0
>Content-Type: text/plain;
>    charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>Thread-Index: AcLWC/3wMhIXjYdLRUyz1insLJEqFA==
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>Path: cpmsftngxa06
>Xref: cpmsftngxa06 microsoft.public.dotnet.framework.aspnet.security:3978
>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security

>I'm trying to connect to an HTTPS site in order to post
>an XML stream to it.  I have the required client PKCS
>certificate and can connect to the site using IE
>(although it does prompt me to select a certificate to
>use).

>Now, I want to code this to automatically send the XML to
>the server, but my problem is that when I try to use the
>HttpWebRequest and add the exported .cer file to the
>ClientCertificates collection, my connection fails.

>Can anyone point me in the right direction please?

>Hodge.


 
 
 

PKCS Certificates

Post by Mike Moore [Microsoft » Thu, 20 Feb 2003 08:36:16


Hi Hodge,

What is the client? From reading your post, we think your client is an
XMLHttp object. If your client is running in the context of a service, then
it has no user registry hive and cannot access the client certificate.

The following article describes some of the limitations of using
Microsoft.XMLHTTP objects for server to server communication.

PRB: Loading Remote XML or Sending XML HTTP Requests from Server Is Not
Supported
http://support.microsoft.com/?id=237906

Does that answer your question?
The application that is creating the HttpWebRequest, is it a Windows
application?

Thank you, Mike Moore
Microsoft, ASP.NET

This posting is provided "AS IS", with no warranties, and confers no rights.

--------------------

>Content-Class: urn:content-classes:message


>Subject: PKCS Certificates
>Date: Sun, 16 Feb 2003 14:37:31 -0800
>Lines: 14

>MIME-Version: 1.0
>Content-Type: text/plain;
>    charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>Thread-Index: AcLWC/3wMhIXjYdLRUyz1insLJEqFA==
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>Path: cpmsftngxa06
>Xref: cpmsftngxa06 microsoft.public.dotnet.framework.aspnet.security:3978
>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security

>I'm trying to connect to an HTTPS site in order to post
>an XML stream to it.  I have the required client PKCS
>certificate and can connect to the site using IE
>(although it does prompt me to select a certificate to
>use).

>Now, I want to code this to automatically send the XML to
>the server, but my problem is that when I try to use the
>HttpWebRequest and add the exported .cer file to the
>ClientCertificates collection, my connection fails.

>Can anyone point me in the right direction please?

>Hodge.

 
 
 

PKCS Certificates

Post by Hodg » Thu, 20 Feb 2003 18:04:33


Hi Mike

Thanks for picking up this thread.

The client I am developing is a Windows Service running on
a Windows 2000 Advanced Server.  The article you pointed
me at was helpful but did not suggest any way of
accomplishing what I am trying to do.

Do you have any suggestions?

Hodge

>-----Original Message-----
>Hi Hodge,

>What is the client? From reading your post, we think your
client is an
>XMLHttp object. If your client is running in the context
of a service, then
>it has no user registry hive and cannot access the client
certificate.

>The following article describes some of the limitations
of using
>Microsoft.XMLHTTP objects for server to server
communication.

>PRB: Loading Remote XML or Sending XML HTTP Requests from
Server Is Not
>Supported
>http://support.microsoft.com/?id=237906

>Does that answer your question?
>The application that is creating the HttpWebRequest, is
it a Windows
>application?

>Thank you, Mike Moore
>Microsoft, ASP.NET

>This posting is provided "AS IS", with no warranties, and
confers no rights.

>--------------------
>>Content-Class: urn:content-classes:message


>>Subject: PKCS Certificates
>>Date: Sun, 16 Feb 2003 14:37:31 -0800
>>Lines: 14

>>MIME-Version: 1.0
>>Content-Type: text/plain;
>>        charset="iso-8859-1"
>>Content-Transfer-Encoding: 7bit
>>X-Newsreader: Microsoft CDO for Windows 2000
>>X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>>Thread-Index: AcLWC/3wMhIXjYdLRUyz1insLJEqFA==
>>Newsgroups:

microsoft.public.dotnet.framework.aspnet.security
Quote:>>Path: cpmsftngxa06
>>Xref: cpmsftngxa06

microsoft.public.dotnet.framework.aspnet.security:3978
Quote:>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>>X-Tomcat-NG:

microsoft.public.dotnet.framework.aspnet.security

- Show quoted text -

Quote:

>>I'm trying to connect to an HTTPS site in order to post
>>an XML stream to it.  I have the required client PKCS
>>certificate and can connect to the site using IE
>>(although it does prompt me to select a certificate to
>>use).

>>Now, I want to code this to automatically send the XML
to
>>the server, but my problem is that when I try to use the
>>HttpWebRequest and add the exported .cer file to the
>>ClientCertificates collection, my connection fails.

>>Can anyone point me in the right direction please?

>>Hodge.

>.

 
 
 

PKCS Certificates

Post by Mike Moore [Microsoft » Fri, 21 Feb 2003 08:26:01


Hi Hodge,

XML data is usually converted from an object (such as XMLHttp) to a string
for transmission. I found an article that shows doing this with an XMLHttp
COM object.

290591 HOWTO: Submit Form Data by Using XMLHTTP or ServerXMLHTTP Object
http://support.microsoft.com/?id=290591

Does this answer your question?

Thank you, Mike Moore
Microsoft, ASP.NET

This posting is provided "AS IS", with no warranties, and confers no rights.

--------------------

>Content-Class: urn:content-classes:message





>Subject: RE: PKCS Certificates
>Date: Wed, 19 Feb 2003 01:04:33 -0800
>Lines: 87

>MIME-Version: 1.0
>Content-Type: text/plain;
>    charset="iso-8859-1"
>Content-Transfer-Encoding: 7bit
>X-Newsreader: Microsoft CDO for Windows 2000
>Thread-Index: AcLX9esw1R7AHJVjQ3q3mmg9EuVFCg==
>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>Newsgroups: microsoft.public.dotnet.framework.aspnet.security
>NNTP-Posting-Host: TK2MSFTNGXA01 10.40.1.47
>Path: cpmsftngxa08!cpmsftngxa06
>Xref: cpmsftngxa08 microsoft.public.dotnet.framework.aspnet.security:4040
>X-Tomcat-NG: microsoft.public.dotnet.framework.aspnet.security

>Hi Mike

>Thanks for picking up this thread.

>The client I am developing is a Windows Service running on
>a Windows 2000 Advanced Server.  The article you pointed
>me at was helpful but did not suggest any way of
>accomplishing what I am trying to do.

>Do you have any suggestions?

>Hodge

>>-----Original Message-----
>>Hi Hodge,

>>What is the client? From reading your post, we think your
>client is an
>>XMLHttp object. If your client is running in the context
>of a service, then
>>it has no user registry hive and cannot access the client
>certificate.

>>The following article describes some of the limitations
>of using
>>Microsoft.XMLHTTP objects for server to server
>communication.

>>PRB: Loading Remote XML or Sending XML HTTP Requests from
>Server Is Not
>>Supported
>>http://support.microsoft.com/?id=237906

>>Does that answer your question?
>>The application that is creating the HttpWebRequest, is
>it a Windows
>>application?

>>Thank you, Mike Moore
>>Microsoft, ASP.NET

>>This posting is provided "AS IS", with no warranties, and
>confers no rights.

>>--------------------
>>>Content-Class: urn:content-classes:message


>>>Subject: PKCS Certificates
>>>Date: Sun, 16 Feb 2003 14:37:31 -0800
>>>Lines: 14

>>>MIME-Version: 1.0
>>>Content-Type: text/plain;
>>>    charset="iso-8859-1"
>>>Content-Transfer-Encoding: 7bit
>>>X-Newsreader: Microsoft CDO for Windows 2000
>>>X-MIMEOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>>>Thread-Index: AcLWC/3wMhIXjYdLRUyz1insLJEqFA==
>>>Newsgroups:
>microsoft.public.dotnet.framework.aspnet.security
>>>Path: cpmsftngxa06
>>>Xref: cpmsftngxa06
>microsoft.public.dotnet.framework.aspnet.security:3978
>>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>>>X-Tomcat-NG:
>microsoft.public.dotnet.framework.aspnet.security

>>>I'm trying to connect to an HTTPS site in order to post
>>>an XML stream to it.  I have the required client PKCS
>>>certificate and can connect to the site using IE
>>>(although it does prompt me to select a certificate to
>>>use).

>>>Now, I want to code this to automatically send the XML
>to
>>>the server, but my problem is that when I try to use the
>>>HttpWebRequest and add the exported .cer file to the
>>>ClientCertificates collection, my connection fails.

>>>Can anyone point me in the right direction please?

>>>Hodge.

>>.

 
 
 

PKCS Certificates

Post by Hodg » Sun, 23 Feb 2003 06:53:01


Mike

Not entirely, but a good intro with some good tips in the
related documents too.

Thanks for all your help on this, it is much appreciated.

Hodge.

Quote:>-----Original Message-----
>Hi Hodge,

>XML data is usually converted from an object (such as

XMLHttp) to a string
Quote:>for transmission. I found an article that shows doing

this with an XMLHttp
Quote:>COM object.

>290591 HOWTO: Submit Form Data by Using XMLHTTP or

ServerXMLHTTP Object
Quote:>http://support.microsoft.com/?id=290591

>Does this answer your question?

>Thank you, Mike Moore
>Microsoft, ASP.NET

>This posting is provided "AS IS", with no warranties,

and confers no rights.

>--------------------
>>Content-Class: urn:content-classes:message




>>Subject: RE: PKCS Certificates
>>Date: Wed, 19 Feb 2003 01:04:33 -0800
>>Lines: 87

>>MIME-Version: 1.0
>>Content-Type: text/plain;
>>        charset="iso-8859-1"
>>Content-Transfer-Encoding: 7bit
>>X-Newsreader: Microsoft CDO for Windows 2000
>>Thread-Index: AcLX9esw1R7AHJVjQ3q3mmg9EuVFCg==
>>X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300
>>Newsgroups:

microsoft.public.dotnet.framework.aspnet.security
Quote:>>NNTP-Posting-Host: TK2MSFTNGXA01 10.40.1.47
>>Path: cpmsftngxa08!cpmsftngxa06
>>Xref: cpmsftngxa08

microsoft.public.dotnet.framework.aspnet.security:4040
Quote:>>X-Tomcat-NG:

microsoft.public.dotnet.framework.aspnet.security

- Show quoted text -

>>Hi Mike

>>Thanks for picking up this thread.

>>The client I am developing is a Windows Service running
on
>>a Windows 2000 Advanced Server.  The article you
pointed
>>me at was helpful but did not suggest any way of
>>accomplishing what I am trying to do.

>>Do you have any suggestions?

>>Hodge

>>>-----Original Message-----
>>>Hi Hodge,

>>>What is the client? From reading your post, we think
your
>>client is an
>>>XMLHttp object. If your client is running in the
context
>>of a service, then
>>>it has no user registry hive and cannot access the
client
>>certificate.

>>>The following article describes some of the
limitations
>>of using
>>>Microsoft.XMLHTTP objects for server to server
>>communication.

>>>PRB: Loading Remote XML or Sending XML HTTP Requests
from
>>Server Is Not
>>>Supported
>>>http://support.microsoft.com/?id=237906

>>>Does that answer your question?
>>>The application that is creating the HttpWebRequest,
is
>>it a Windows
>>>application?

>>>Thank you, Mike Moore
>>>Microsoft, ASP.NET

>>>This posting is provided "AS IS", with no warranties,
and
>>confers no rights.

>>>--------------------
>>>>Content-Class: urn:content-classes:message


>>>>Subject: PKCS Certificates
>>>>Date: Sun, 16 Feb 2003 14:37:31 -0800
>>>>Lines: 14

>>>>MIME-Version: 1.0
>>>>Content-Type: text/plain;
>>>>        charset="iso-8859-1"
>>>>Content-Transfer-Encoding: 7bit
>>>>X-Newsreader: Microsoft CDO for Windows 2000
>>>>X-MIMEOLE: Produced By Microsoft MimeOLE
V5.50.4910.0300
>>>>Thread-Index: AcLWC/3wMhIXjYdLRUyz1insLJEqFA==
>>>>Newsgroups:
>>microsoft.public.dotnet.framework.aspnet.security
>>>>Path: cpmsftngxa06
>>>>Xref: cpmsftngxa06
>>microsoft.public.dotnet.framework.aspnet.security:3978
>>>>NNTP-Posting-Host: TK2MSFTNGXA13 10.40.1.165
>>>>X-Tomcat-NG:
>>microsoft.public.dotnet.framework.aspnet.security

>>>>I'm trying to connect to an HTTPS site in order to
post
>>>>an XML stream to it.  I have the required client PKCS
>>>>certificate and can connect to the site using IE
>>>>(although it does prompt me to select a certificate
to
>>>>use).

>>>>Now, I want to code this to automatically send the
XML
>>to
>>>>the server, but my problem is that when I try to use
the
>>>>HttpWebRequest and add the exported .cer file to the
>>>>ClientCertificates collection, my connection fails.

>>>>Can anyone point me in the right direction please?

>>>>Hodge.

>>>.

>.

 
 
 

1. How to select an certificate from IE's certificate sote

I wrote a simple program as follows:

                CspParameters CSPParam = new CspParameters();
                CSPParam.KeyContainerName = "My__" ;
                CSPParam.ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" ;
                CSPParam.KeyNumber = 1;
                CSPParam.ProviderType = 1 ;
                CSPParam.Flags = CspProviderFlags.UseMachineKeyStore;
                RSACryptoServiceProvider rsa = new RSACryptoServiceProvider(CSPParam);
                Console.WriteLine(rsa.ToXmlString(true)) ;

Inspite of the KeyContainerName I give, the RSACryptoServiceProvider is always created successfully.
I guess this CSP is created by the system instead of using the system CSP. If so, how should I rewrite
my code to use an certificate with a private key in IE's Certificate store to do encryption/decryption?
Any suggestion would be appreciated. Thanks in advance ...

--

2. Process frozen when I try to access a tape device

3. Certificate store: How en-/decryption with certificate private/public key?

4. BP and BB layer

5. PKCS#12 File

6. FS:ps/2 PC router card & Software - $350

7. .net certificate store access with P/Invoke and CAPICOM

8. Instructions on sharing your computers internet connection with a Palm Tungsten via Bluetooth

9. Any reason not to use a SSL Chain Certificate with .NET clients?

10. Is there a way to programatically have a remoting application trust a self-signed SSL certificate?

11. IE/dotnet. how to get https certificate.

12. Signed XML - Specifying a Digital Certificate

13. Signing with SignedXML and X.509 certificates