Struggling with REST call and certificates

Question

I'm trying to talk to a REST web service that requires certificates to make the call. I got two files from my client - a *.pem and a *.key file.

Using these two files, I can make the call to that web service on the command line using curl:

curl.exe -k -v "MyUrl" --cert mycert.pem --key mycertkey.key

This works. But I would like to use Fiddler and ultimately my own C# code to make that call - but how??

In Fiddler, I'm reading about having to provide the certificate as a ClientCertificate.cer file in a specific directory..... but I have a .pem and a .key file - how do those "translate" into a *.cer file?

And how can I use those *.pem and *.key files in my own C# code to make a call to that web service (using RestSharp or just a plain WebRequest) ?

Update: following the answer by Drew Burchett, I imported my .pem file into the certificate store on my machine, and then exported it to a .cer file ("DER-encoded, binary") and placed it in Fiddler's folder. When attemping a call to the REST service, I still get this error from Fiddler:

[Fiddler] The connection to '......' failed.
System.Security.SecurityException Failed to negotiate HTTPS connection with server.fiddler.network.https; HTTPS handshake to (url) failed.
System.Security.Authentication.AuthenticationException Error with SSPI call, see internal exception; the format of the received message was unexpected or erroneous

Funny enough, the last paragraph (the System.Security.Authentication.AuthenticationException paragraph) shows up in German on my system, while the rest is in English.... odd......

Update #2:
Attempting this in C# code using the WebRequest with the https:// prefix and the certificate installed in the certificate store (my own certificates, trusted root certificates) fails with an error:

System.Net.WebException was caught
HResult=-2146233079
Message=The request was aborted: no secure SSL/TLS channel could be established.

Any ideas?

Answer 1

You should be able to translate the .pem file into a .cer file through certificate manager. In Windows 7, click Start | Run and type in certmgr.msc. In Windows 8, right-click on the start button and select Run. Type in certmgr.msc and click OK. Once you have the certificate manager open:

1. Expand the Personal folder and click on the Certificates folder
2. Right-click on the Certificates folder (or the Personal folder if Certificates does not exist) and click Import.
3. Browse to where your .pem file is saved and select it.
4. Select to import the certificate into the specified folder.

Once the import process is complete, you should see the certificate. You can then right-click on it and select Export. Choose the .cer file and provide a path and filename to save the certificate.

If this is a certificate used to identify the server you are connecting (I would suspect that it is) and it is a self-signed certificate, in order to use it in your C# code, you'll need to place it in your Trusted Root Certification Authority folder. Then, when you call the service using a WebRequest and an https prefix, the certificate will be trusted and the call will succeed. You can either use the procedure above to import the certificate into the proper folder or you can embed the certificate in your application's "Root" folder using a method found at Microsoft:

1. Export the server cert to a .der file
2. Include the cert in your application (I put mine in the Assets Directory) Right click on the cert after you include it in your project and a. set the Build Action to Content b. set the Copy to Output Directory to Copy always

3. Open the package.appxmanifest in the text or XML editor by right clicking on it and add your cert to the "Root"

     <Extensions>
   <!--Certificates Extension-->
   <Extension Category="windows.certificates">
     <Certificates>
       <Certificate StoreName="Root" Content="Assets\jsanders4.cer" />
   
     </Certificates>
   </Extension>