如何将注册表证书添加到HttpWebRequest? [英] How to add registry certificate to HttpWebRequest?
问题描述
如果这是一个重复的问题,我事先表示歉意。我是 HttpWebRequest
的行话的新手,而我的Google搜索却毫无结果。
My apologies in advance if this is a duplicate question. I am new to the 'lingo' of HttpWebRequest
and my google searching turned up fruitless.
前段时间,我编写了一个使用 HttpWebRequest
的登录控制器。当我在家运行它时,它工作正常。我在公司防火墙的后面尝试了相同的登录控制器,并且期望客户端身份验证证书能够通过。我在网上阅读了该证书,该证书存在于台式机的系统注册表中。果然,我可以打开IE和Internet选项->内容->证书,我可以在对话框窗口中看到IE用来执行我想用我的登录控制器完成的相同操作的客户端证书。
Some time ago I wrote a login controller that utilizes HttpWebRequest
. It works fine when I run it at home. I tried the same login controller from behind my company's firewall and it is expecting a Client Authentication certificate to get through. I read online that the certificate lives in my desktop's system registry. Sure enough, I can open IE and internet options->content->certificates I can see in the dialog window the client certificate that IE is using to do the same thing I want to accomplish with my login controller.
有人可以提供一个C#代码片段,显示将注册表中的客户端证书添加到我的HttpWebRequest中的方法吗?
Can someone please provide a C# code snippet showing a way add the client certificates from the registry to my HttpWebRequest?
例如,
var request = (HttpWebRequest) WebRequest.Create("https://www.someplace.com/Login");
request.Credentials = CredentialCache.DefaultCredentials;
request.ClientCertificates.Add(); //<---- ? how to add registry certs?
request.KeepAlive = true;
等。
推荐答案
此MS知识库文章介绍了您需要的内容-如何通过使用HttpWebRequest和HttpWebResponse类。
This MS knowledge base article covers what you need - How to send a client certificate by using the HttpWebRequest and HttpWebResponse classes.
如本文所述,您有两个选择可以打开:
As described in the article, you have two options open to you:
- 使用
X509Certificate
类从.cer文件中读取证书。 - 使用CryptoAPI调用直接从证书存储中提取证书信息。
- Use the
X509Certificate
class to read the cert from a .cer file. - Use CryptoAPI calls to extract the certificate information directly from the certificate store.
第二种选择是麻烦的事,需要提高信任度才能从证书存储中提取证书商店。因此,您将尽可能选择选项1。这样的事情:
The second option is a nuisance, and needs elevated trust to extract from the cert. store. So you'll want to go for option 1 if possible. Something like this:
X509Certificate Cert = X509Certificate.CreateFromCertFile("C:\\mycert.cer");
HttpWebRequest Request = (HttpWebRequest)WebRequest
.Create("https://YourServer/sample.asp");
Request.ClientCertificates.Add(Cert);
这篇关于如何将注册表证书添加到HttpWebRequest?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!