Client Certificate and HttpWebRequest

0
votes

I have two keys

a .PEM-file and a .KEY file. The pem key is in X509-format.

I have got the the pem-file from a provider (I have sent to the provider the .csr).

I am about to send a client certificate by using the HttpWebRequest and HttpWebResponse classes in Microsoft Visual C# .NET.

For that I have registret the pem-file at the 2003-windows-server by using the mmc-tool in windows:

1) Click Start, click Run, type mmc, and then click OK. 2) On the File menu, click Add/Remove Snap-in. 3) In the Add/Remove Snap-in dialog box, click Add. 4) In the Add Standalone Snap-in dialog box, click Certificates, and then click Add. 5) In the Certificates Snap-in dialog box, click Computer account, and then click Next 6) In the Select Computer dialog box, click Finish. 7) In the Add Standalone Snap-in dialog box, click Close, and then click OK. 8) Expand Certificates (Local Computer), expand Personal, and then click Certificates.

I have then imported the pem-file (also with mmc).

The Question is: How do I give permission to the certificate?

I have tried this (WinHttpCertCfg.exe tool):

winhttpcertcfg -l -c LOCAL_MACHINE\Root -s NON-Production.pem

And what about the .key-file?

1
asp.netcertificatewindows-server-2003

1 Answers

0
votes

Download XCA. It is a n application built on top of openssl that will help you make a p12 file from your .key-file and .pem-file. It is simple. Import .key-file on Private Keys tab. Import .pem-file on Certificates tab. Then on Certificates tab export the certificate as PKCS#12 (combo box Export Format). Set a password if you wish or leave blank. Then you can import this .p12 file using mmc as you wrote.

Now you can use winhttpcertcfg to set permissions on private key. This documentation will help you. (parameter -s means subject. In mmc open the imported certificate and look for CN=something in the subject field. Then add this something with -s parameter).