接收Web请求X509客户端证书 [英] receiving X509 client certificates in web requests

问题描述

我想从一个HTTP处理程序发送一个X509Certificate到Web服务，将接收和阅读证书来验证用户。我知道证书发送罚款;我有一个测试，让我在发送之前看的HttpWebRequest 和 ClientCertificates 属性表明，它有一个证书连接。 （例如： request.ClientCertificates.Count = 1 ）。

I am trying to send an X509Certificate from an Http Handler to a web service that will receive and read the certificate to authenticate the user. I know the certificate is sending fine; I have a tester that lets me look at the HttpWebRequest before sending, and the ClientCertificates property shows that it has a certificate attached. (e.g. request.ClientCertificates.Count = 1).

然而，对Web服务的另一边， HttpRequest.ClientCertificate 始终如一显示 NULL 。我已经看过了许多Microsoft知识库例子和所有的人都使用插入证书相同的技术。其他不相关的文章显示， HttpRequest.ClientCertificate 是在阅读它的首选方式。

However, on the other side on the web service, HttpRequest.ClientCertificate is consistently showing NULL. I have looked at a number of Microsoft KB examples and all of them are using the same technique for inserting the certificate. Other unrelated articles show that HttpRequest.ClientCertificate is the preferred way of reading it in.

所以我在做什么错了，我怎么能确定客户端证书被送到服务器上？

So what am I doing wrong, and how can I determine on the server that a client certificate was sent?

推荐答案

也许配置的HttpListener 与 clientcertnegotiation =启用与 的netsh 将帮助（这使得服务器的初始握手期间协商客户证书，如相对于使用重新协商）。

Perhaps configuring your HttpListener with clientcertnegotiation=enable with netsh would help (this makes the server negotiate the client-certificate during the initial handshake, as opposed to using re-negotiation).

这可能还取决于您是否已经初始化上用自己的私钥客户端证书，请参阅的http://stackoverflow.com/questions/2901105/cant-connect-to-https-using -x509客户端证书

It may also depend on whether you've initialised the certificate on the client side with its private key, see http://stackoverflow.com/questions/2901105/cant-connect-to-https-using-x509-client-certificate

这篇关于接收Web请求X509客户端证书的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！