How to check client certificate on server?

Question

How to check client certificate on server?

I need to implement a web service that is called by a predefined third party. The documentation states

You are responsible for verifying the fingerprint of the caller’s certificate. Accept calls only from certificates that have the correct public key.

and there is a .cer file with the public key of the certificate.

The HttpRequest has a ClientCertificate property, which supposedly contains an HttpClientCertificate object, which in turn has a PublicKey property of type byte[] .

Suppose I downloaded this .cer file and got another certificate object that also has an available public key.

How to check the certificate that comes in the request for the one I uploaded? Am I just comparing two public keys of byte[] arrays or am I doing something else?

+4

c # .net certificate asp.net

sharptooth Feb 08 '13 at 8:35

source share

1 answer

Maxime rouler · Answer 1 · 2015-11-19T15:13:34+0000

If you import the certificate into the certificate store of your computer, any use of the HTTP endpoint will be automatically verified by the .NET Framework (WCF, HttpClient, etc.).

If it was issued by a trusted CA, it is even better, because then you do not even need to import a certificate.

You do not need to manually check it.

How to check client certificate on server?

More articles: