如何将注册表证书添加到HttpWebRequest？ [英] How to add registry certificate to HttpWebRequest?

问题描述

如果这是一个重复的问题，我事先表示歉意。我是 HttpWebRequest 的行话的新手，而我的Google搜索却毫无结果。

My apologies in advance if this is a duplicate question. I am new to the 'lingo' of HttpWebRequest and my google searching turned up fruitless.

前段时间，我编写了一个使用 HttpWebRequest 的登录控制器。当我在家运行它时，它工作正常。我在公司防火墙的后面尝试了相同的登录控制器，并且期望客户端身份验证证书能够通过。我在网上阅读了该证书，该证书存在于台式机的系统注册表中。果然，我可以打开IE和Internet选项->内容->证书，我可以在对话框窗口中看到IE用来执行我想用我的登录控制器完成的相同操作的客户端证书。

Some time ago I wrote a login controller that utilizes HttpWebRequest. It works fine when I run it at home. I tried the same login controller from behind my company's firewall and it is expecting a Client Authentication certificate to get through. I read online that the certificate lives in my desktop's system registry. Sure enough, I can open IE and internet options->content->certificates I can see in the dialog window the client certificate that IE is using to do the same thing I want to accomplish with my login controller.

有人可以提供一个C＃代码片段，显示将注册表中的客户端证书添加到我的HttpWebRequest中的方法吗？

Can someone please provide a C# code snippet showing a way add the client certificates from the registry to my HttpWebRequest?

例如，

var request = (HttpWebRequest) WebRequest.Create("https://www.someplace.com/Login");
                request.Credentials = CredentialCache.DefaultCredentials;
                request.ClientCertificates.Add(); //<---- ? how to add registry certs?
                request.KeepAlive = true;

等。

推荐答案

此MS知识库文章介绍了您需要的内容-如何通过使用HttpWebRequest和HttpWebResponse类。

This MS knowledge base article covers what you need - How to send a client certificate by using the HttpWebRequest and HttpWebResponse classes.

如本文所述，您有两个选择可以打开：

As described in the article, you have two options open to you:

1. 使用 X509Certificate 类从.cer文件中读取证书。


2. 使用CryptoAPI调用直接从证书存储中提取证书信息。

1. Use the X509Certificate class to read the cert from a .cer file.
2. Use CryptoAPI calls to extract the certificate information directly from the certificate store.

第二种选择是麻烦的事，需要提高信任度才能从证书存储中提取证书商店。因此，您将尽可能选择选项1。这样的事情：

The second option is a nuisance, and needs elevated trust to extract from the cert. store. So you'll want to go for option 1 if possible. Something like this:

X509Certificate Cert = X509Certificate.CreateFromCertFile("C:\\mycert.cer");
HttpWebRequest Request = (HttpWebRequest)WebRequest
                         .Create("https://YourServer/sample.asp");
Request.ClientCertificates.Add(Cert);

这篇关于如何将注册表证书添加到HttpWebRequest？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！