Using certificate file to connect to webservice over SSL


Solution 1

A PKCS#12 file is provided to you as it is a natural way to transport certificates together with private keys. You can use one of the following:

  • convert it to a format you like and store it the way you like
  • convert it to a passwordless PFX
  • import it to the computer's certificate storage and use it this way

But all those methods (together with keeping a hardcoded password) provide no real protection to the private key and thus are not usable if you distribute the application outside of your organization.

Solution 2

What you could do is something like this:

  1. Install the SSL certificate into your local machine certificate store (using the Microsoft Management Console "MMC")
  2. Extract the certificate's thumbprint (e.g. "748681ca3646ccc7c4facb7360a0e3baa0894cb5")
  3. Use a function which fetches you the certificate from the local certificate store for the given thumbprint.
  4. Provide the SSL certificate when calling your web service.

```csharp
using System;
using System.Globalization;
using System.Security.Cryptography.X509Certificates;
using System.ServiceModel;

// Log is assumed to be the application's logger (for example a log4net ILog field).
private static X509Certificate2 GetCertificateByThumbprint(string certificateThumbPrint, StoreLocation certificateStoreLocation)
{
    X509Certificate2 certificate = null;

    // Opens the personal ("My") store of the given location, read-only.
    X509Store certificateStore = new X509Store(certificateStoreLocation);
    certificateStore.Open(OpenFlags.ReadOnly);
    try
    {
        X509Certificate2Collection certCollection = certificateStore.Certificates;
        foreach (X509Certificate2 cert in certCollection)
        {
            if (cert.Thumbprint != null && cert.Thumbprint.Equals(certificateThumbPrint, StringComparison.OrdinalIgnoreCase))
            {
                certificate = cert;
                break;
            }
        }
    }
    finally
    {
        // Release the store handle even if enumeration throws.
        certificateStore.Close();
    }

    if (certificate == null)
    {
        Log.ErrorFormat(CultureInfo.InvariantCulture, "Certificate with thumbprint {0} not found", certificateThumbPrint);
    }

    return certificate;
}

public string GetServiceResponse()
{
    string WebSvcEndpointConfigurationName = "WebServiceEndpoint";
    // HTTPS endpoint: the client certificate is presented during the TLS handshake.
    Uri webSvcEndpointAddress = new Uri("https://www.example.com/YourWebService.svc");
    string webSvcCertificateThumbPrint = "748681ca3646ccc7c4facb7360a0e3baa0894cb5";

    string webSvcResponse = null;
    SomeWebServiceClient webServiceClient = null;

    try
    {
        webServiceClient = new SomeWebServiceClient(WebSvcEndpointConfigurationName, new EndpointAddress(webSvcEndpointAddress));
        webServiceClient.ClientCredentials.ClientCertificate.Certificate = GetCertificateByThumbprint(webSvcCertificateThumbPrint, StoreLocation.LocalMachine);

        webSvcResponse = webServiceClient.GetServiceResponse();
    }
    catch (Exception ex)
    {
        // Do not swallow the failure silently; the method still returns null.
        Log.ErrorFormat(CultureInfo.InvariantCulture, "Web service call failed: {0}", ex);
    }
    finally
    {
        if (webServiceClient != null)
        {
            // Close() throws on a faulted channel, so abort in that case.
            if (webServiceClient.State == CommunicationState.Faulted)
            {
                webServiceClient.Abort();
            }
            else
            {
                webServiceClient.Close();
            }
        }
    }
    return webSvcResponse;
}
```
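
A hardened variant of the store lookup in Solution 2, as an added example that is not part of the original answer. It reads the thumbprint from configuration so a certificate change needs no rebuild, strips stray characters from a pasted thumbprint, and rejects a certificate that is expired or has no private key; the `ClientCertificateLoader` class and the `WebSvcCertificateThumbprint` appSettings key are hypothetical names.

```csharp
using System;
using System.Configuration;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

// Added example. ClientCertificateLoader and the appSettings key are hypothetical names.
public static class ClientCertificateLoader
{
    private const string ThumbprintSetting = "WebSvcCertificateThumbprint";

    // Thumbprints pasted from the MMC details pane can carry spaces and an
    // invisible U+200E mark, so keep the hex digits only and check the length.
    public static string NormalizeThumbprint(string raw)
    {
        if (string.IsNullOrWhiteSpace(raw))
            throw new ConfigurationErrorsException("Missing appSettings key " + ThumbprintSetting);
        string hex = new string(raw.Where(Uri.IsHexDigit).ToArray()).ToUpperInvariant();
        if (hex.Length != 40)
            throw new FormatException("Expected a SHA-1 thumbprint of 40 hex digits.");
        return hex;
    }

    public static X509Certificate2 Load(StoreLocation location)
    {
        string thumbprint = NormalizeThumbprint(ConfigurationManager.AppSettings[ThumbprintSetting]);
        var store = new X509Store(StoreName.My, location);
        store.Open(OpenFlags.ReadOnly | OpenFlags.OpenExistingOnly);
        try
        {
            // validOnly: false, because a certificate issued by the publisher's own CA may
            // not chain to a locally trusted root; validity dates are checked explicitly below.
            X509Certificate2Collection found =
                store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            if (found.Count == 0)
                throw new InvalidOperationException("No certificate with thumbprint " + thumbprint);
            X509Certificate2 cert = found[0];
            DateTime now = DateTime.Now; // NotBefore/NotAfter are local time
            if (now < cert.NotBefore || now > cert.NotAfter)
                throw new InvalidOperationException("Certificate is outside its validity period.");
            if (!cert.HasPrivateKey)
                throw new InvalidOperationException("Certificate has no private key; import the .p12, not a .cer.");
            return cert;
        }
        finally
        {
            store.Close();
        }
    }
}
```

Assign the result to `ClientCredentials.ClientCertificate.Certificate` as in Solution 2. The account the Windows service runs under also needs read access to the certificate's private key in the LocalMachine store.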
Author by

user1013552

Updated on March 26, 2020

Comments

  • user1013552 about 4 years

    I am developing a Windows service in C# which invokes webservice methods. I must use SSL to connect to the webservice. I have received from the publisher a p12 file with a certificate. The file is password protected. I use the Import method to use this certificate. Everything is working fine, but I do not like this method - I have the password hardcoded in my app. When the publisher changes the certificate I must rewrite code (changing the password to the new one). Is there any way not to hardcode the password to the .p12 file or use another option (.cer file)?

  • jay over 4 years
    Hi there, may I know what I should put for the SomeWebServiceClient class? I have added a service reference class called "PlanningService" (a WSDL service reference) and it does not have any property called ClientCredentials. Does the class need to be a type of a particular kind of object? Thanks.