
Using System.Net.WebClient with HTTPS certificate

In my C# Windows client, I have a POST submission to "the mothership". I want the data in the submits to be secured, of course, so I paid for HostGator to issue me an SSL certificate.

I saved off the .CER file, and I'm constructing the request as such:

//wrapper for WebClient object to use certificate file
class SecureWebClient : WebClient
{
    protected override WebRequest GetWebRequest(Uri address)
    {
        HttpWebRequest request = (HttpWebRequest)base.GetWebRequest(address);
        string certPath = @"e:\mycertificate.cer";
        X509Certificate myCert = X509Certificate.CreateFromCertFile(certPath);
        request.ClientCertificates.Add(myCert);
        return request;
    }
}

//request
private static SecureWebClient client = new SecureWebClient();
private static NameValueCollection nvc = new NameValueCollection();
nvc.Add(POST_ACTION, ACTION_CODE_LOGIN);
nvc.Add(POST_EMAIL, email);
nvc.Add(POST_PASSWORD, password);

sResponse = System.Text.Encoding.ASCII.GetString(client.UploadValues(BASE_URL + ACTION_PAGE, nvc));

It's throwing a System.Net.WebException:

The underlying connection was closed: An unexpected error occurred on a send.

The InnerException is a System.IO.IOException:

The handshake failed due to an unexpected packet format.

Any insight on what I am doing wrong?

Honus Wagner asked Sep 13 '11 13:09


2 Answers

Client certificates will work only if the private key is available. This is not generally the case when using .cer files since the X.509 certificate does not include the private key.

The only safe way to ensure the private key is available is to load the certificate from a PKCS#12 file where both the certificate(s) and the private key are available (i.e. both were exported into the .pfx file).

Notes:

  • I said generally because Windows/CryptoAPI sometimes does some magic (when used with X509Certificate) and automatically associates a certificate with a private key from the certificate.key stores.

  • I said safe because that will work on Mono too, not just MS .NET.

poupou answered Sep 22 '22 08:09
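
Added example, not part of either answer or of the asker's code: a WebClient wrapper that loads the client certificate from a PKCS#12 file, as the answer above describes, and stops early when the private key is missing instead of failing later in the handshake. The class name `PfxWebClient` and the `pfxPath` and `pfxPassword` parameters are assumptions made for illustration.

```csharp
using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;

// Added example: attaches a client certificate only when its private key
// is available, and only to HTTPS requests.
class PfxWebClient : WebClient
{
    private readonly X509Certificate2 clientCert;

    // pfxPath and pfxPassword are hypothetical inputs supplied by the caller;
    // the password should come from protected configuration, not source code.
    public PfxWebClient(string pfxPath, string pfxPassword)
    {
        // A PKCS#12 (.pfx) file carries the certificate together with its
        // private key; a .cer file carries the public certificate only.
        clientCert = new X509Certificate2(pfxPath, pfxPassword);

        // Without the private key the client cannot prove possession of the
        // certificate during TLS client authentication, so fail here with a
        // clear message.
        if (!clientCert.HasPrivateKey)
        {
            throw new InvalidOperationException(
                "Certificate '" + clientCert.Subject + "' has no private key " +
                "and cannot be used as a client certificate.");
        }
    }

    protected override WebRequest GetWebRequest(Uri address)
    {
        // Encryption of the POST body comes from the server's certificate and
        // the https:// scheme, so refuse anything else.
        if (address.Scheme != Uri.UriSchemeHttps)
        {
            throw new InvalidOperationException("Only https:// URLs are allowed.");
        }

        HttpWebRequest request = (HttpWebRequest)base.GetWebRequest(address);
        request.ClientCertificates.Add(clientCert);
        return request;
    }
}
```

The wrapper is used in place of `SecureWebClient` from the question, for example `new PfxWebClient(pfxPath, pfxPassword).UploadValues(url, nvc)`.
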


Sounds like you are doing it backwards. You should have the SSL certificate installed on the web host/server. Then you create a web request to the web server and require the HTTPS protocol.

Erik Philips answered Sep 23 '22 08:09