user7336033

Reputation: 297

How to call web service with client certificate from C#?

I've installed a certificate from my client on my PC, which is needed to access their web service. But when I try to access the web service from my C# Windows service, I can't find the certificate from the code. Here is my code:

private X509Certificate findCertificate()
{
        X509Store store = new X509Store(StoreName.Root, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        string certThumbprint = string.Empty;

        X509Certificate cert = new X509Certificate();
        for (int i = 0; i < store.Certificates.Count; i++)
        {
            certThumbprint = store.Certificates[i].Thumbprint.ToString().ToUpper();
            if (certThumbprint == "‎176455DB76886FF2BA3C122F8B36322F647CB2FD")//when debugging then debugger is not coming into this line even if it finds the thumbprint
            {
                cert = store.Certificates[i];
            }
        }
        return cert;
 }

Also, I'm trying to do the same with App.config, but I'm hitting this error:

invalid hexadecimal string format. inner exception null

Here is my App.config:

<?xml version="1.0" encoding="utf-8"?>
 <configuration>
 <system.serviceModel>
  <bindings>
   <customBinding>
     <binding name="PrivatmoneyPortBinding" >
        <security defaultAlgorithmSuite="Basic128" authenticationMode="MutualCertificate"
          requireDerivedKeys="false" includeTimestamp="true" messageProtectionOrder="SignBeforeEncrypt"  messageSecurityVersion="WSSecurity10WSTrust13WSSecureConversation13WSSecurityPolicy12BasicSecurityProfile10"
          requireSignatureConfirmation="false">

            <localClientSettings cacheCookies="true" detectReplays="true"
                        replayCacheSize="900000" maxClockSkew="00:05:00" maxCookieCachingTime="00:05:00"
                        replayWindow="00:05:00" sessionKeyRenewalInterval="10:00:00"
                        sessionKeyRolloverInterval="00:05:00" reconnectTransportOnFailure="true"
                        timestampValidityDuration="00:05:00" cookieRenewalThresholdPercentage="60" />
                    <localServiceSettings detectReplays="true" issuedCookieLifetime="10:00:00"
                        maxStatefulNegotiations="128" replayCacheSize="900000" maxClockSkew="00:05:00"
                        negotiationTimeout="00:01:00" replayWindow="00:05:00" inactivityTimeout="00:02:00"
                        sessionKeyRenewalInterval="15:00:00" sessionKeyRolloverInterval="00:05:00"
                        reconnectTransportOnFailure="true" maxPendingSessions="128"
                        maxCachedCookies="1000" timestampValidityDuration="00:05:00" />
      </security>
                <textMessageEncoding maxReadPoolSize="64" maxWritePoolSize="16"
                    messageVersion="Default" writeEncoding="utf-8">
                    <readerQuotas maxDepth="32" maxStringContentLength="8192" maxArrayLength="16384"
                        maxBytesPerRead="4096" maxNameTableCharCount="16384" />
                </textMessageEncoding>
                <httpsTransport manualAddressing="false" maxBufferPoolSize="524288"
                    maxReceivedMessageSize="65536" allowCookies="false" authenticationScheme="Anonymous"
                    bypassProxyOnLocal="false" decompressionEnabled="true"
                    keepAliveEnabled="true" maxBufferSize="65536" proxyAuthenticationScheme="Anonymous"
                    realm="" transferMode="Buffered" unsafeConnectionNtlmAuthentication="true"
                    useDefaultWebProxy="true" requireClientCertificate="true" />
    </binding>
  </customBinding>
</bindings>
<client>
    <endpoint address="https://pmtest.xxxx.xx:xxxx/xxxxx/xxxxx?wsdl" behaviorConfiguration="NewClientEPBehavior"
      binding="customBinding" bindingConfiguration="PrivatmoneyPortBinding"
      contract="PrivatMoney.PrivatmoneyPort" name="PrivatmoneyPort">
  </endpoint>
</client>
    <behaviors>
        <endpointBehaviors>
            <behavior name="NewClientEPBehavior">
                <clientCredentials>
                    <serviceCertificate>
          <authentication certificateValidationMode="PeerTrust" trustedStoreLocation="CurrentUser" />
                    </serviceCertificate>
                    <clientCertificate storeLocation="CurrentUser" storeName="Root" findValue="‎176455DB76886FF2BA3C122F8B36322F647CB2FD"  x509FindType="FindByThumbprint" />

      </clientCredentials>
            </behavior>
         </endpointBehaviors>
    </behaviors>
 </system.serviceModel>
</configuration>

Upvotes: 3

Views: 531

Answers (1)

pepo

Reputation: 8877

I don't know how you got the thumbprint. In my case I selected it from the certificate details (GUI from mmc). The problem was that I selected more. There is some invisible character at the beginning that does not show when you paste it into the config.

Select the thumbprint except the first character and copy it to the clipboard. Type the first character into the config and paste the rest from the clipboard.

Upvotes: 1
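The hidden-character problem described in the answer above, as an added C# example that is not part of the original question or answer: it shows which code points in a pasted thumbprint are not hex digits, strips them, and only then searches the store. The class and method names are hypothetical, and the sample string is constructed from the question's thumbprint with the invisible character written as the escape `\u200E` (assumed here to be the left-to-right mark).

```csharp
using System;
using System.Linq;
using System.Security.Cryptography.X509Certificates;

static class ThumbprintLookup   // hypothetical helper, not from the original post
{
    // Lists every character that is not a hex digit as U+XXXX, making the hidden one visible.
    public static string DescribeStrays(string raw) =>
        string.Join(" ", raw.Where(c => !Uri.IsHexDigit(c)).Select(c => $"U+{(int)c:X4}"));

    // Keeps only hex digits: drops invisible marks, spaces and colons picked up from the GUI.
    public static string Normalize(string raw)
    {
        string hex = new string(raw.Where(Uri.IsHexDigit).ToArray()).ToUpperInvariant();
        if (hex.Length != 40)   // a SHA-1 thumbprint is 20 bytes, i.e. 40 hex digits
            throw new FormatException($"Expected 40 hex digits, got {hex.Length}.");
        return hex;
    }

    public static X509Certificate2 Find(string rawThumbprint, StoreName name, StoreLocation location)
    {
        string thumbprint = Normalize(rawThumbprint);
        var store = new X509Store(name, location);
        try
        {
            store.Open(OpenFlags.ReadOnly);
            // validOnly: false, so the lookup does not depend on chain validation.
            var matches = store.Certificates.Find(X509FindType.FindByThumbprint, thumbprint, false);
            return matches.Count > 0 ? matches[0] : null;
        }
        finally
        {
            store.Close();
        }
    }

    static void Main()
    {
        // Constructed sample: the question's thumbprint with a leading invisible character.
        string pasted = "\u200E176455DB76886FF2BA3C122F8B36322F647CB2FD";
        Console.WriteLine($"Length {pasted.Length}, stray characters: {DescribeStrays(pasted)}");
        Console.WriteLine($"Normalized: {Normalize(pasted)}");
        // Same store name and location as in the question.
        X509Certificate2 cert = Find(pasted, StoreName.Root, StoreLocation.CurrentUser);
        Console.WriteLine(cert == null ? "Not found in store" : cert.Subject);
    }
}
```

The normalized 40-character string is also the value to type into the `findValue` attribute in App.config, since the same stray character there makes the thumbprint fail to parse as hexadecimal.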
