Valid Certificate Authority

 
 
Curtis Justus
 
      06-10-2004
Hi,

I need to verify that a certificate is coming from a valid certificate
authority. Does anybody know where I could obtain a list with that
information?

Thanks,
cj


 
Joe Kaplan (MVP - ADSI)
 
      06-10-2004
The certificate will be trusted based on the trusted root certificates
configured on the current machine. You can use the ICertificatePolicy class
that I mentioned before to determine whether the CA for the cert was not
trusted by examining the certificateProblem parameter in
CheckValidationResult. I found a decent blog posting that shows what the
values of the parameter can be (they are probably in the platform SDK
somewhere...):

http://weblogs.asp.net/wim/archive/2...02/106281.aspx


Joe K.
 
Harry Simpson
 
      06-10-2004
Using the SelfSSL internally (intranet) and the third check doesn't pass
since we created the cert.

Where does this code (CheckValidationResult) actually go in the web
application??

Harry
 
Joe Kaplan (MVP - ADSI)
 
      06-10-2004
The code here shows how to create a class that implements
ICertificatePolicy:
http://msdn.microsoft.com/library/de...asp?frame=true

To use it, you add a new instance of your class to the
ServicePointManager.CertificatePolicy property BEFORE you make any
WebRequests (or SOAP calls or anything else that wraps WebRequest).

http://msdn.microsoft.com/library/de...asp?frame=true

Then, you can enforce your own certificate policy based on the rules you
code in your CheckValidationResult Method.

Joe K.
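
The policy described in the post above, as an added example that is not from the thread or from the linked MSDN pages: it maps the `certificateProblem` codes for an untrusted root and a name mismatch to readable reasons and rejects every failure instead of overriding it. The class name `StrictCertificatePolicy` and the sample values in `Main` are assumptions; it targets the .NET Framework, where `ICertificatePolicy` is marked obsolete from 2.0 on in favour of `ServicePointManager.ServerCertificateValidationCallback`.

```csharp
using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;

// Added example (hypothetical class name): reports why validation failed
// but never overrides a failure.
public class StrictCertificatePolicy : ICertificatePolicy
{
    // certificateProblem carries a Windows status code (see winerror.h).
    private const uint CERT_E_EXPIRED       = 0x800B0101;
    private const uint CERT_E_UNTRUSTEDROOT = 0x800B0109;
    private const uint CERT_E_CHAINING      = 0x800B010A;
    private const uint CERT_E_REVOKED       = 0x800B010C;
    private const uint CERT_E_CN_NO_MATCH   = 0x800B010F;
    private const uint CERT_E_UNTRUSTEDCA   = 0x800B0112;

    public static string Describe(int certificateProblem)
    {
        switch (unchecked((uint)certificateProblem))
        {
            case 0:                    return "no problem";
            case CERT_E_EXPIRED:       return "certificate expired or not yet valid";
            case CERT_E_UNTRUSTEDROOT: return "chain ends in a root this machine does not trust";
            case CERT_E_CHAINING:      return "chain to a trusted root could not be built";
            case CERT_E_REVOKED:       return "certificate has been revoked";
            case CERT_E_CN_NO_MATCH:   return "certificate name does not match the host name";
            case CERT_E_UNTRUSTEDCA:   return "issuing CA is not trusted";
            default:                   return "other problem 0x" + certificateProblem.ToString("X8");
        }
    }

    public bool CheckValidationResult(ServicePoint srvPoint,
        X509Certificate certificate, WebRequest request, int certificateProblem)
    {
        if (certificateProblem == 0)
            return true; // Windows reported no problem with the certificate

        string target  = request != null ? request.RequestUri.ToString() : "(unknown)";
        string subject = certificate != null ? certificate.Subject : "(none)";
        string issuer  = certificate != null ? certificate.Issuer : "(none)";

        // Record enough to diagnose the failure, then refuse the connection.
        Console.Error.WriteLine("Rejected {0}: {1} [subject={2}; issuer={3}]",
            target, Describe(certificateProblem), subject, issuer);
        return false;
    }
}

public static class Program
{
    public static void Main()
    {
        // Install once, before the first WebRequest or web service call.
        StrictCertificatePolicy policy = new StrictCertificatePolicy();
        ServicePointManager.CertificatePolicy = policy;

        // Constructed sample codes: call the policy directly so this runs offline.
        int[] samples = { 0, unchecked((int)0x800B0109), unchecked((int)0x800B010F) };
        foreach (int problem in samples)
        {
            bool accepted = policy.CheckValidationResult(null, null, null, problem);
            Console.WriteLine("{0} -> accepted={1}",
                StrictCertificatePolicy.Describe(problem), accepted);
        }
    }
}
```

The policy is process-wide, so in an ASP.NET application that makes outbound HTTPS calls it only needs to be assigned once at start-up.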
 
Harry Simpson
 
      06-10-2004
Thanks Joe,

The code actually didn't work but it's probably just me......

Was wondering where you put pre-request code in an ASP.NET app??

Harry
 
Joe Kaplan (MVP - ADSI)
 
      06-11-2004
I'm not sure I understand. Is your ASP.NET application making a call to
another web site via something based on HttpWebRequest or a web service
call? If so, you would do it then. If not, how are you calling another
server?

If you aren't calling another server, then why would you need to check a
server's certificate?

Joe K.
 
Harry Simpson
 
      06-11-2004
Hi Joe,

I'm merely starting an ASP.NET web application on an intranet server from a
browser within the same intranet.

Since SelfSSL uses the name of the machine (SIMPSON) it doesn't reconcile to
the web's name "MyWebApp" when I make the call to it using
https://SIMPSON/MyWebApp
so I get the third check not true notice. My app is not internet but
intranet with no internet Whois type url.

Harry
 
Joe Kaplan (MVP - ADSI)
 
      06-11-2004
Ok, the thing is here that it is your browser that is complaining about the
server certificate, not the server that is complaining. Since your browser
is not sending a client certificate to the server, there is nothing for the
server to check. Thus there is no code you can put in your web application.

However, SSL should match the name on the certificate to the hostname
(SIMPSON) in your case, so it should work. What certificate warning do you
get from IE and what are the details?

Joe K.
 
Harry Simpson
 
      06-11-2004
Joe,

It's the third check on the Security Alert dialog box:
"The name on the security certificate is invalid or does not match the name
of the site"

Harry
 
Joe Kaplan (MVP - ADSI)
 
      06-11-2004
I think that dialog allows you to bring up the name of the certificate in
the certificate viewer, so you should be able to check that to verify that
the name on the cert is actually equal to SIMPSON. If it is not, then that
is the problem. You can either change the certificate to match the hostname
or change the hostname (via DNS, hosts file or whatever) to match the cert.

HTH,

Joe K.