HttpClient with client certificate loaded from file

I want to add mutual authentication to my client .NET application that is running under IIS server (it's a web service that calls another web service). Client app loads client certificate from file and it works fine with the following code on my deve

Configuring the WS-Trust CXF Service Certificate

Objective: Get information (using Apache CXF) from a third party (thus no control or access to the service backend) web service which use WS-Trust i.e. it authenticates the user using a Secure Token Service in this case with UsernameToken authenticat

2-way SSL - Client certificate not sent to the server

I'm have an application deployed to salesforce on the force.com platform, which I'm trying to configure a 2 way SSL for. I.e. I want that for each request sent to from SF to my server, a client certificate will be sent. I did the necessary configurat

Weblogic client certificate authentication by webapp module

i m using Weblogic 12c. I would like to set up client certificate authentication (2-way SSL). But i do not want to enforce client certificates for the whole server. Basically, in our webapp most of the servlets should work with regular 1-way SSL (onl

IOS client certificates and mobile device management

Our customers want to use an MDM (mobile device management) solution (MobileIron) to install client certificates onto corporate iOS devices, in order to limit access to certain corporate web services to corporate devices only. MobileIron installs the

Authenticating SSL Client Certificates in Mobile Web Browsers

I am looking for whether the SSL client certificate based authentication can be done in mobile browsers (mobile safari, mobile firefox, mobile chrome, IE, etc) in iOS, Android, Windows, etc? ThxYes, it definitely works in Safari on iOS. Not sure abou

Verify that a certificate belongs to a given user

How can I (or, is it possible) to verify that a user certificate belongs to a given user? For example, in an e-Voting system I want to prohibit that an user A who has a certificate C1 votes for other people. How can I detect that when someone present

Error Accessing Access Certificate Denied

I am trying to add a certificate inside localMachine Root. Below is the code for what I tried but this is not allowing me to add into Local Machine, while coming to add it say's access denied. How to allow to install inside Local Machine? X509Certifi

Debugging SSL Handshake

How to debug ssl handshake, preferably with curl? I would like to troubleshoot per directory authentication with client certificate. I would specially like to find out which acceptable client certificates does server send. Thanks in advanceI have use

Securing the asp.net mvc zone with a client certificate

I have some troubles with configuring requesting for client certificate to protect mvc area. I can easily configure this for whole application, but is it possible to do this only for one area (admin for example) ?So, the easiest way to achieve this,

ASP.NET smart card authentication

We currently have a site that is hosted within a cloud environment. Let's say for sake of discussion, that the site is https://abc.site.com. We have a wildcard SSL certificate (*.site.com) that is used to secure the site. We have been asked to implem

Apache CXF wsdl download via SSL / TLS

I have a cxf service running at https://localhost:8443/services/MyService?wsdl with client certificate required. The WSDL is not important here. I am able to invoke the service when I remove the client certificate or https requirement. The service an

Windows 8 Phone Client HTTPS Authentication

I am trying to access a secure HTTPS server using client certificate from a Windows 8 Phone app I am developing. This does not work at all which has has made me try to access the HTTPS server from the standard web browser where it does not work eithe

The browser does not ask for a client certificate

Background: I am updating an internal application to a two-step authentication process. I want to add a client certificate authentication process (via a smart card) on top of a traditional username/password form. The application is written in C#, hos

Disconnecting / relogin for https client certificates

I have a web site using ssl certificate authentication. How to force the web browser from the server to ask again the certificate to be used? It would be useable for logout, but the use case here is switching user identity. I remember something about

Get a client certificate out of a DoD CAC card

I have a C application that uses LibCurl (LibCurl is a C API that makes an HTTP connection to a web server). Using LibCurl I need to download a file from an HTTPS server that requires a client certificate. So far our technical solution works great. M

ASP.NET Request.ClientCertificate Returning Blank on IIS 7

I'm migrating a web app from an IIS 6 server to an IIS 7 server and I'm having some troubles with getting the client's certificate. The piece of code that I'm using looks like this: HttpClientCertificate cert = Request.ClientCertificate; if (cert.IsP

2-way SSL with CherryPy

From CherryPy 3.0 and onwards, one-way SSL can be turned on simply by pointing to the server certificate and private key, like this: import cherrypy class HelloWorld(object): def index(self): return "Hello SSL World!" index.exposed = True cherry

The object contains only the public half of a key pair

Upon installation of a client side certificate, I am getting the exception "Object contains only the public half of a key pair. A private key must also be provided". My application is a VC#.NET application running over an ASP.NET platform. The a

HTTPS Java client certificate authentication

I'm fairly new to HTTPS/SSL/TLS and I'm a bit confused over what exactly the clients are supposed to present when authenticating with certificates. I'm writing a Java client that needs to do a simple POST of data to a particular URL. That part works

Apache 2 authentication error

Attempting to implement client authentication with an SSL cert, according to this HOWTO, I receive the following errors. Apache: Re-negotiation handshake failed: Not accepted by client!? Firefox: ssl_error_handshake_failure_alert I assume it is a con

iPhone client certificate

I would like to verify that an app I am writing is running on an iPhone. What would be perfect is this: Apple baked an SSL client certificate into each iphone which can be authenticated by a receiving server. I this the case? I have not started resea