|
x.509 Certificates
I have to write an asp.net app that uses a web service requiring x.509
certificates. Are there any good docs on how to do this both in code and on the server. Most of the stuff I'm finding through google is old 1.1 docs. I have the certificate. -- Regards, Gary Blakely |
Re: x.509 Certificates
Much of that will still work, although another option is to look at WCF docs
with SOAP as the transport mechanism. The consumption is very similar and it may also convince you that WCF is a better model for you, as you can create binary contracts for your own consumption, while still leaving the SOAP contracts for people outside of your domain. -- Gregory A. Beamer MVP, MCP: +I, SE, SD, DBA Subscribe to my blog http://feeds.feedburner.com/GregoryBeamer# or just read it: http://feeds.feedburner.com/GregoryBeamer ******************************************** | Think outside the box! | ******************************************** "GaryDean" <gdeanblakely@newsgroup.nospam> wrote in message news:eoKTfmiBJHA.4816@TK2MSFTNGP06.phx.gbl... >I have to write an asp.net app that uses a web service requiring x.509 >certificates. Are there any good docs on how to do this both in code and >on the server. Most of the stuff I'm finding through google is old 1.1 >docs. I have the certificate. > > -- > Regards, > Gary Blakely > > |
RE: x.509 Certificates
Hi Gary,
As for using Certificate in Webservice, I'd like to confirm the detailed problem scenario in your environment. Generally, you can use x509 certificate for authentication via using the https/ssl transport layer security. For example, you can setup the webservice in IIS to se ssl/https. And you can supply certificate in client code (if server-side require client to provide certificate). Here are some reference article on this: #How to call a Web service by using a client certificate for authentication in an ASP.NET Web application http://support.microsoft.com/?id=901183 #Using client certificates with ASP.NET http://geekswithblogs.net/lorint/arc.../30/64516.aspx If you want to use X509 certificate to perform custom security (such as encryption or signing), ASP.NET webservice doesn't directly certificate integrity. There is an add-on component called "Web Service Enhancement" (so far the latest version is 3.0 for .net framework 2.0). You can use it to add certiciate and message layer securityt functionality for your Webservice: #Security Features in WSE 3.0 http://msdn.microsoft.com/en-us/magazine/cc300773.aspx #Implementing Message Layer Security with X.509 Certificates in WSE 3.0 http://msdn.microsoft.com/en-us/library/aa480581.aspx BTW, will WCF also be a possible option for you as Gregory suggested? So far WSE is not updating and WCF provide more support on security such as certificate. Sincerely, Steven Cheng Microsoft MSDN Online Support Lead Delighting our customers is our #1 priority. We welcome your comments and suggestions about how we can improve the support we provide to you. Please feel free to let my manager know what you think of the level of service provided. You can send feedback directly to my manager at: msdnmg@microsoft.com. ================================================== Get notification to my posts through email? Please refer to http://msdn.microsoft.com/en-us/subs...#notifications. Note: The MSDN Managed Newsgroup support offering is for non-urgent issues where an initial response from the community or a Microsoft Support Engineer within 1 business day is acceptable. Please note that each follow up response may take approximately 2 business days as the support professional working with you may need further investigation to reach the most efficient resolution. The offering is not appropriate for situations that require urgent, real-time or phone-based interactions or complex project analysis and dump analysis issues. Issues of this nature are best handled working with a dedicated Microsoft Support Engineer by contacting Microsoft Customer Support Services (CSS) at http://support.microsoft.com/select/...tance&ln=en-us. ================================================== This posting is provided "AS IS" with no warranties, and confers no rights. -------------------- >From: "GaryDean" <gdeanblakely@newsgroup.nospam> >Subject: x.509 Certificates >Date: Sun, 24 Aug 2008 13:40:17 -0700 > >I have to write an asp.net app that uses a web service requiring x.509 >certificates. Are there any good docs on how to do this both in code and on >the server. Most of the stuff I'm finding through google is old 1.1 docs. >I have the certificate. > >-- >Regards, >Gary Blakely > > > |
Re: x.509 Certificates
Steven:
The article 901183 is one of those excellent "how to" articles but, like all the others, it is for WSE 2.0. All I can find for WSE 3.0 is MSDN docs and a book (that I ordered). Maybe this is the time to jump into WCF. Thanks for all these links. -- Regards, Gary Blakely "Steven Cheng [MSFT]" <stcheng@online.microsoft.com> wrote in message news:rHlvnZmBJHA.3576@TK2MSFTNGHUB02.phx.gbl... > Hi Gary, > > As for using Certificate in Webservice, I'd like to confirm the detailed > problem scenario in your environment. > > Generally, you can use x509 certificate for authentication via using the > https/ssl transport layer security. For example, you can setup the > webservice in IIS to se ssl/https. And you can supply certificate in > client > code (if server-side require client to provide certificate). Here are some > reference article on this: > > > #How to call a Web service by using a client certificate for > authentication > in an ASP.NET Web application > http://support.microsoft.com/?id=901183 > > #Using client certificates with ASP.NET > http://geekswithblogs.net/lorint/arc.../30/64516.aspx > > If you want to use X509 certificate to perform custom security (such as > encryption or signing), ASP.NET webservice doesn't directly certificate > integrity. There is an add-on component called "Web Service Enhancement" > (so far the latest version is 3.0 for .net framework 2.0). You can use it > to add certiciate and message layer securityt functionality for your > Webservice: > > #Security Features in WSE 3.0 > http://msdn.microsoft.com/en-us/magazine/cc300773.aspx > > #Implementing Message Layer Security with X.509 Certificates in WSE 3.0 > http://msdn.microsoft.com/en-us/library/aa480581.aspx > > BTW, will WCF also be a possible option for you as Gregory suggested? So > far WSE is not updating and WCF provide more support on security such as > certificate. > > > Sincerely, > > Steven Cheng > > Microsoft MSDN Online Support Lead > > > Delighting our customers is our #1 priority. We welcome your comments and > suggestions about how we can improve the support we provide to you. Please > feel free to let my manager know what you think of the level of service > provided. You can send feedback directly to my manager at: > msdnmg@microsoft.com. > > ================================================== > Get notification to my posts through email? Please refer to > http://msdn.microsoft.com/en-us/subs...#notifications. > > Note: The MSDN Managed Newsgroup support offering is for non-urgent issues > where an initial response from the community or a Microsoft Support > Engineer within 1 business day is acceptable. Please note that each follow > up response may take approximately 2 business days as the support > professional working with you may need further investigation to reach the > most efficient resolution. The offering is not appropriate for situations > that require urgent, real-time or phone-based interactions or complex > project analysis and dump analysis issues. Issues of this nature are best > handled working with a dedicated Microsoft Support Engineer by contacting > Microsoft Customer Support Services (CSS) at > http://support.microsoft.com/select/...tance&ln=en-us. > ================================================== > This posting is provided "AS IS" with no warranties, and confers no > rights. > > > > > -------------------- >>From: "GaryDean" <gdeanblakely@newsgroup.nospam> >>Subject: x.509 Certificates >>Date: Sun, 24 Aug 2008 13:40:17 -0700 > >> >>I have to write an asp.net app that uses a web service requiring x.509 >>certificates. Are there any good docs on how to do this both in code and > on >>the server. Most of the stuff I'm finding through google is old 1.1 docs. >>I have the certificate. >> >>-- >>Regards, >>Gary Blakely >> >> >> > |
Re: x.509 Certificates
Thanks for your reply Gary,
For WSE 3.0, most of the examples and quick start reference has been included in the SDK (document and samples), you can download it and install with full version to get them. #Web Services Enhancements (WSE) 3.0 for Microsoft .NET http://www.microsoft.com/downloads/d...9fd-3a74-43c5- 8ec1-8d789091255d&displaylang=en and here is another blog entry which include some further get started resource: #So you want to learn WSE 3.0? A short primer on how and where to start. http://blogs.msdn.com/mfussell/archi...25/607820.aspx Sincerely, Steven Cheng Microsoft MSDN Online Support Lead Delighting our customers is our #1 priority. We welcome your comments and suggestions about how we can improve the support we provide to you. Please feel free to let my manager know what you think of the level of service provided. You can send feedback directly to my manager at: msdnmg@microsoft.com. -------- >From: "GaryDean" <gdeanblakely@newsgroup.nospam> >References: <eoKTfmiBJHA.4816@TK2MSFTNGP06.phx.gbl> <rHlvnZmBJHA.3576@TK2MSFTNGHUB02.phx.gbl> >Subject: Re: x.509 Certificates >Date: Mon, 25 Aug 2008 06:44:50 -0700 > >Steven: >The article 901183 is one of those excellent "how to" articles but, like all >the others, it is for WSE 2.0. All I can find for WSE 3.0 is MSDN docs and >a book (that I ordered). Maybe this is the time to jump into WCF. Thanks >for all these links. > >-- >Regards, >Gary Blakely >"Steven Cheng [MSFT]" <stcheng@online.microsoft.com> wrote in message >news:rHlvnZmBJHA.3576@TK2MSFTNGHUB02.phx.gbl... >> Hi Gary, >> >> As for using Certificate in Webservice, I'd like to confirm the detailed >> problem scenario in your environment. >> >> Generally, you can use x509 certificate for authentication via using the >> https/ssl transport layer security. For example, you can setup the >> webservice in IIS to se ssl/https. And you can supply certificate in >> client >> code (if server-side require client to provide certificate). Here are some >> reference article on this: >> >> >> #How to call a Web service by using a client certificate for >> authentication >> in an ASP.NET Web application >> http://support.microsoft.com/?id=901183 >> >> #Using client certificates with ASP.NET >> http://geekswithblogs.net/lorint/arc.../30/64516.aspx >> >> If you want to use X509 certificate to perform custom security (such as >> encryption or signing), ASP.NET webservice doesn't directly certificate >> integrity. There is an add-on component called "Web Service Enhancement" >> (so far the latest version is 3.0 for .net framework 2.0). You can use it >> to add certiciate and message layer securityt functionality for your >> Webservice: >> >> #Security Features in WSE 3.0 >> http://msdn.microsoft.com/en-us/magazine/cc300773.aspx >> >> #Implementing Message Layer Security with X.509 Certificates in WSE 3.0 >> http://msdn.microsoft.com/en-us/library/aa480581.aspx >> >> BTW, will WCF also be a possible option for you as Gregory suggested? So >> far WSE is not updating and WCF provide more support on security such as >> certificate. >> >> >> Sincerely, >> >> Steven Cheng >> >> Microsoft MSDN Online Support Lead >> >> >> Delighting our customers is our #1 priority. We welcome your comments and >> suggestions about how we can improve the support we provide to you. Please >> feel free to let my manager know what you think of the level of service >> provided. You can send feedback directly to my manager at: >> msdnmg@microsoft.com. >> >> ================================================== >> Get notification to my posts through email? Please refer to >> http://msdn.microsoft.com/en-us/subs...#notifications. >> >> Note: The MSDN Managed Newsgroup support offering is for non-urgent issues >> where an initial response from the community or a Microsoft Support >> Engineer within 1 business day is acceptable. Please note that each follow >> up response may take approximately 2 business days as the support >> professional working with you may need further investigation to reach the >> most efficient resolution. The offering is not appropriate for situations >> that require urgent, real-time or phone-based interactions or complex >> project analysis and dump analysis issues. Issues of this nature are best >> handled working with a dedicated Microsoft Support Engineer by contacting >> Microsoft Customer Support Services (CSS) at >> http://support.microsoft.com/select/...tance&ln=en-us. >> ================================================== >> This posting is provided "AS IS" with no warranties, and confers no >> rights. >> >> >> >> >> -------------------- >>>From: "GaryDean" <gdeanblakely@newsgroup.nospam> >>>Subject: x.509 Certificates >>>Date: Sun, 24 Aug 2008 13:40:17 -0700 >> >>> >>>I have to write an asp.net app that uses a web service requiring x.509 >>>certificates. Are there any good docs on how to do this both in code and >> on >>>the server. Most of the stuff I'm finding through google is old 1.1 docs. >>>I have the certificate. >>> >>>-- >>>Regards, >>>Gary Blakely >>> >>> >>> >> > > > |
Re: x.509 Certificates
Hi Gary,
Have you tried the examples in the WSE 3.0 sdk or do you have any further questions on this? Sincerely, Steven Cheng Microsoft MSDN Online Support Lead Delighting our customers is our #1 priority. We welcome your comments and suggestions about how we can improve the support we provide to you. Please feel free to let my manager know what you think of the level of service provided. You can send feedback directly to my manager at: msdnmg@microsoft.com. ================================================== Get notification to my posts through email? Please refer to http://msdn.microsoft.com/en-us/subs...#notifications. This posting is provided "AS IS" with no warranties, and confers no rights. -------------------- >Content-Type: text/plain >Content-Transfer-Encoding: 7bit >From: stcheng@online.microsoft.com (Steven Cheng [MSFT]) >Organization: Microsoft >Date: Tue, 26 Aug 2008 02:22:28 GMT >Subject: Re: x.509 Certificates >Thanks for your reply Gary, > >For WSE 3.0, most of the examples and quick start reference has been >included in the SDK (document and samples), you can download it and install >with full version to get them. > >#Web Services Enhancements (WSE) 3.0 for Microsoft .NET >http://www.microsoft.com/downloads/d...09fd-3a74-43c5 - >8ec1-8d789091255d&displaylang=en > >and here is another blog entry which include some further get started >resource: > >#So you want to learn WSE 3.0? A short primer on how and where to start. >http://blogs.msdn.com/mfussell/archi...25/607820.aspx > >Sincerely, > >Steven Cheng > >Microsoft MSDN Online Support Lead > > >Delighting our customers is our #1 priority. We welcome your comments and >suggestions about how we can improve the support we provide to you. Please >feel free to let my manager know what you think of the level of service >provided. You can send feedback directly to my manager at: >msdnmg@microsoft.com. >>>>> >>>> >>>> >>> >> >> >> > > |
| All times are GMT. The time now is 11:27 AM. |
Powered by vBulletin®. Copyright ©2000 - 2013, vBulletin Solutions, Inc.
SEO by vBSEO ©2010, Crawlability, Inc.