locked
GetRequestContext().ClientCertificate always return null RRS feed

 > 

  • Question

  • Question
    Sign in to vote
    0
    Sign in to vote
    User-314678096 posted

    I am working on client certificate-based authentication with self-hosted web API but web API always return when trying to get a certificate from the request using GetRequestContext().ClientCertificate

    Here is code on web API side

     protected override System.Threading.Tasks.Task<HttpResponseMessage>
                SendAsync(HttpRequestMessage request, CancellationToken cancellationToken)
        {
  HttpResponseMessage response = ValidateCertificate(request);
            if (response.StatusCode == HttpStatusCode.OK)
                return base.SendAsync(request, cancellationToken);
            else
                return Task<HttpResponseMessage>.Factory.StartNew(() => response);
        }

private HttpResponseMessage ValidateCertificate(HttpRequestMessage request)
        {
            var certificateFromRequest = request.GetRequestContext().ClientCertificate;

            if (certificateFromRequest == null)
            {
                return request.CreateResponse(HttpStatusCode.NotAcceptable, "Certificate is not available in request!");
            }

    On Client side code is:

    WebRequestHandler handler = new WebRequestHandler();
            X509Certificate2 certificate = ConfigurationManager.AppSettings["MSIClientCertificateThumbprint"].CleanThumbprint().GetCertByThumbprint();

            handler.ClientCertificates.Add(certificate);
using (var httpClient = new HttpClient(handler))
            {
                var response = await httpClient.PostAsync($"{ConfigurationManager.AppSettings["WEBAPIPATH"]}/api/controller/{param}", null);
                response.EnsureSuccessStatusCode();
            }

    I always see certificate is being properly passed in the HTTPClient with private keys on it but still, web API fails to find it
    Tuesday, March 27, 2018 10:06 AM

All replies

  • Question
    Sign in to vote
    0
    Sign in to vote
    User283571144 posted

    Hi vivek kumar jain,

    According to your description, I suggest you could firstly check you have used the right url (https) to send the request with certificate.

    As far as I know, if you want to send the request with certificate, you should use https in the url.

    Besides, I suggest you could check the IIS setting to enable the IIS receive the certificate.

    More details about how to implement certificate in web api, you could refer to below article.

    https://docs.microsoft.com/en-us/aspnet/web-api/overview/security/working-with-ssl-in-web-api 

    More details about how to send the request with certificate, you could refer to below answer.

    https://stackoverflow.com/a/47361226/7609093 

    Best Regards,

    Brando

    Wednesday, March 28, 2018 3:16 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User-314678096 posted

    Its a self-hosted web API (as a window service or console application )

    Wednesday, March 28, 2018 3:23 AM
  • Question
    Sign in to vote
    0
    Sign in to vote
    User1531980225 posted

    Hi, were you ever able to figure out how to do it?

    Tuesday, February 12, 2019 5:07 PM