locked
C# - Connection over SSL - client certificate Handshake RRS feed

  • Question

  • Hello,
    i have a problem with connection over SSL.
    I have specifics on the connection.

    I have created client certificate but administrator doesn't have a certificate of CA on a web server.
    I am currently get error "The remote server returned an error: (401) Unauthorized" because I don't send the client certificate on the web server.

    The problem is that i don't have the certificate of CA on the web server. The web server isn't in my administration.

    My idea is to bypass steps in Handshake. I am using HttpWebRequest.
    I need enforce send client certificate without Handshake. 

    Thank you for answer.


    Tuesday, June 28, 2011 12:53 PM

All replies

  • SSL protocol supports sending of certificates both by clients and by server. For server sending a certificate is mandatory. For client it is not, unless server requires that. Certificate is like a ticket to the show and CA is publisher of the ticket. If your certificate is not issued by one of the CA-s the server trusts, then why do you expect it to authorize the request (allowing you to the show with the counterfeit ticket)? Authentication can be done in different ways and on different protocol stack levels: SSL (certificates, the lowest), HTTP (Basic, Digest, NTLM, Kerberos), application (HTML form with user and password). Normally only banking web servers require client certificates; so, you might be authenticated even if you don't set SSL client certificate altogether.
    Wednesday, July 27, 2011 7:21 AM
    Moderator