Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Programming > ASP .Net > ASP .Net Web Services > Who is responsible creating client certificate?

Reply
Thread Tools

Who is responsible creating client certificate?

 
 
Daniel Lee
Guest
Posts: n/a
 
      07-28-2006
My company is providing asp.net web service method to a third party company.
It's implmented using client certificate authentication over SSL. My network
manager generated a client certificate for the company. However, the company
decided to create their own. The issue is that they need to have a control
of private key.

Here is my sample for the client code:

com.inswriter.confirm.Service service = new com.inswriter.confirm.Service();

// Acknowledge the pipeline and optionally check and see that the Server
// Certificate matches what you want, in this case
// "CN=CertName"

ServicePointManager.ServerCertificateValidationCal lback = delegate(Object
sender, X509Certificate cert, X509Chain chain, SslPolicyErrors err) { return
cert.Issuer.Equals(certName); };

// Attach the client certificate,
X509Certificate c = X509Certificate.CreateFromCertFile(
@"C:\CertFileDir\lynxder.cer");

service.ClientCertificates.Add(c);

// submit request (no message encryption)
string response = service.getpolicy(request);


My question is:
Does private key in the certificate involved at all in the client request?
If not, does it matter who generate the certificate?


Thanks in advance


 
Reply With Quote
 
 
 
 
Techno_Dex
Guest
Posts: n/a
 
      07-31-2006
The idea behind a certificate is there is a public and a private key. You
can sign your data with your cert's private key and someone on the other end
with your public key can validate your signed data packet. Certificates are
based on trust, so as long as you trust the certificate authority chain then
all is good. In theory, both sides can each have a certificate, then you
both exchange your public keys which allow you to each sign your data with
your own private key then validate (unencrypt, etc.) with the public key.

"Daniel Lee" <Daniel http://www.velocityreviews.com/forums/(E-Mail Removed)> wrote in message
news:(E-Mail Removed)...
> My company is providing asp.net web service method to a third party
> company.
> It's implmented using client certificate authentication over SSL. My
> network
> manager generated a client certificate for the company. However, the
> company
> decided to create their own. The issue is that they need to have a
> control
> of private key.
>
> Here is my sample for the client code:
>
> com.inswriter.confirm.Service service = new
> com.inswriter.confirm.Service();
>
> // Acknowledge the pipeline and optionally check and see that the Server
> // Certificate matches what you want, in this case
> // "CN=CertName"
>
> ServicePointManager.ServerCertificateValidationCal lback = delegate(Object
> sender, X509Certificate cert, X509Chain chain, SslPolicyErrors err) {
> return
> cert.Issuer.Equals(certName); };
>
> // Attach the client certificate,
> X509Certificate c = X509Certificate.CreateFromCertFile(
> @"C:\CertFileDir\lynxder.cer");
>
> service.ClientCertificates.Add(c);
>
> // submit request (no message encryption)
> string response = service.getpolicy(request);
>
>
> My question is:
> Does private key in the certificate involved at all in the client request?
> If not, does it matter who generate the certificate?
>
>
> Thanks in advance
>
>



 
Reply With Quote
 
 
 
 
Daniel Lee
Guest
Posts: n/a
 
      08-16-2006
Thanks Techno_Dex. Somehow I did not get email notification.

If I use a client certificate (the .der file), does it mean client only
contains the public key and will use it for the authentication purpose.

Thanks

"Techno_Dex" wrote:

> The idea behind a certificate is there is a public and a private key. You
> can sign your data with your cert's private key and someone on the other end
> with your public key can validate your signed data packet. Certificates are
> based on trust, so as long as you trust the certificate authority chain then
> all is good. In theory, both sides can each have a certificate, then you
> both exchange your public keys which allow you to each sign your data with
> your own private key then validate (unencrypt, etc.) with the public key.
>
> "Daniel Lee" <Daniel (E-Mail Removed)> wrote in message
> news:(E-Mail Removed)...
> > My company is providing asp.net web service method to a third party
> > company.
> > It's implmented using client certificate authentication over SSL. My
> > network
> > manager generated a client certificate for the company. However, the
> > company
> > decided to create their own. The issue is that they need to have a
> > control
> > of private key.
> >
> > Here is my sample for the client code:
> >
> > com.inswriter.confirm.Service service = new
> > com.inswriter.confirm.Service();
> >
> > // Acknowledge the pipeline and optionally check and see that the Server
> > // Certificate matches what you want, in this case
> > // "CN=CertName"
> >
> > ServicePointManager.ServerCertificateValidationCal lback = delegate(Object
> > sender, X509Certificate cert, X509Chain chain, SslPolicyErrors err) {
> > return
> > cert.Issuer.Equals(certName); };
> >
> > // Attach the client certificate,
> > X509Certificate c = X509Certificate.CreateFromCertFile(
> > @"C:\CertFileDir\lynxder.cer");
> >
> > service.ClientCertificates.Add(c);
> >
> > // submit request (no message encryption)
> > string response = service.getpolicy(request);
> >
> >
> > My question is:
> > Does private key in the certificate involved at all in the client request?
> > If not, does it matter who generate the certificate?
> >
> >
> > Thanks in advance
> >
> >

>
>
>

 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
B&H is not Responsible for Advertisers Lies in their Catalog Steven M. Scharf Digital Photography 4 06-09-2004 11:42 PM
Re: Who's responsible for RR stop signs - RR or the city jowl Computer Support 13 11-11-2003 07:31 AM
Re: Who's responsible for RR stop signs - RR or the city Steve Hall Computer Support 2 11-04-2003 04:10 AM
Re: Who's responsible for RR stop signs - RR or the city Steve Hall Computer Support 1 11-02-2003 01:30 PM
Re: Who's responsible for RR stop signs - RR or the city PF Computer Support 0 06-25-2003 01:24 AM



Advertisments