Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Add certificate on request with RestSharp

I'm trying to communicate with a server. This server send me a certificate and a private key in order to execute my request successfully.

To test the server, I use Postman. So I fill the certificate setting in postman, and my request works fine

Postman settings for certificates

Now I want to do the same in C#.

For that I use RestSharp in order to create the request.

Here is my code

 var client = new RestClient(url);

 byte[] certBuffer = UtilsService.GetBytesFromPEM(myCertificate, Models.Enum.PemStringType.Certificate);
 byte[] keyBuffer = UtilsService.GetBytesFromPEM(encryptedPrivateKey, Models.Enum.PemStringType.RsaPrivateKey);

 X509Certificate2 certificate = new X509Certificate2(certBuffer, secret);
 client.ClientCertificates = new X509CertificateCollection() { certificate };
 var request = new RestRequest(Method.POST);
 request.AddHeader("Cache-Control", "no-cache");
 request.AddHeader("Accept", "application/json");
 request.AddHeader("Content-Type", "application/json");
 request.AddParameter("myStuff", ParameterType.RequestBody);
 IRestResponse response = client.Execute(request);

The request doesn't work. I think the problem is from how I load the certificate in RestSharp.

I'm looking for information how to set correctly the certificate in RestSharp.

I'm using RestSharp, but I could be anything else that can work in C#

like image 374
dpfauwadel Avatar asked Mar 02 '18 12:03

dpfauwadel


People also ask

How to add certificate to RestSharp in c#?

ClientCertificates = new X509CertificateCollection() { certificate }; var request = new RestRequest(Method. POST); request. AddHeader("Cache-Control", "no-cache"); request. AddHeader("Accept", "application/json"); request.

Is RestSharp better than HttpClient?

The main conclusion is that one is not better than the other, and we shouldn't compare them since RestSharp is a wrapper around HttpClient. The decision between using one of the two tools depends on the use case and the situation.

How do you implement certificate based authentication in C#?

Open “Power Shell” as an administrator and run the below command: New-SelfSignedCertificate -DnsName "localhost", "localhost" -CertStoreLocation "cert:\LocalMachine\My" -NotAfter (Get-Date). AddYears(10) -FriendlyName "CAlocalhost" -KeyUsageProperty All -KeyUsage CertSign, CRLSign, DigitalSignature.

Does RestSharp reuse HttpClient?

RestSharp does not use connection pool as HttpClient and does not leave opened sockets after the use. That's why it is safe (and recommended) to create a new instance of RestClient per request.


1 Answers

Ok, I got the solution.

First of all, I had to stop using the .crt and the .key for the certificate. I have to get a .pfx. This can be done with openssl command (openssl documentation)

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

After creating the certificate, just add it to the request like this

var client = new RestClient(url);

ServicePointManager.Expect100Continue = true;
ServicePointManager.DefaultConnectionLimit = 9999;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;

var certFile = Path.Combine(certificateFolder, "certificate.pfx");
X509Certificate2 certificate = new X509Certificate2(certFile, onboard.authentication.secret);
client.ClientCertificates = new X509CertificateCollection() { certificate };
client.Proxy = new WebProxy();
var restrequest = new RestRequest(Method.POST);
restrequest.AddHeader("Cache-Control", "no-cache");
restrequest.AddHeader("Accept", "application/json");
restrequest.AddHeader("Content-Type", "application/json");
restrequest.AddParameter("myStuff", ParameterType.RequestBody);
IRestResponse response = client.Execute(restrequest);
like image 110
dpfauwadel Avatar answered Nov 02 '22 00:11

dpfauwadel