I am trying to send an X509Certificate from an Http Handler to a web service that will receive and read the certificate to authenticate the user. I know the certificate is sending fine; I have a tester that lets me look at the HttpWebRequest before sending, and the ClientCertificates property shows that it has a certificate attached (e.g. request.ClientCertificates.Count = 1).
However, on the other side on the web service, HttpRequest.ClientCertificate is consistently showing NULL. I have looked at a number of Microsoft KB examples and all of them are using the same technique for inserting the certificate. Other unrelated articles show that HttpRequest.ClientCertificate is the preferred way of reading it in.
So what am I doing wrong, and how can I determine on the server that a client certificate was sent?
Perhaps configuring your HttpListener with clientcertnegotiation=enable with netsh would help (this makes the server negotiate the client-certificate during the initial handshake, as opposed to using re-negotiation). It may also depend on whether you've initialised the certificate on the client side with its private key, see Can't connect to HTTPS using X509 client certificate.
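
The private-key point from the answer above, as an added example that is not part of the original post: a certificate without its private key still counts in request.ClientCertificates, but it cannot complete the TLS handshake, so the check belongs on the client before the request is sent. The class and method names, the store location, the thumbprint placeholder and the URL are assumptions made for illustration.

```csharp
using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;

static class ClientCertDiagnostics
{
    // Hypothetical helper: looks up a certificate by thumbprint.
    // Assumption: it is installed in LocalMachine\My and the calling
    // process identity has read access to its private key.
    static X509Certificate2 LoadFromStore(string thumbprint)
    {
        var store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            var hits = store.Certificates.Find(
                X509FindType.FindByThumbprint, thumbprint, false);
            if (hits.Count == 0)
                throw new InvalidOperationException(
                    "No certificate with that thumbprint in LocalMachine\\My.");
            return hits[0];
        }
        finally { store.Close(); }
    }

    // Attaches the certificate only if it is usable for TLS client authentication.
    static void AttachClientCertificate(HttpWebRequest request, X509Certificate2 cert)
    {
        // A certificate loaded from a public-only .cer file still appears in
        // request.ClientCertificates, but the handshake cannot be signed
        // with it, so the server never receives it.
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException(
                "Certificate '" + cert.Subject + "' has no private key; " +
                "load it from a store entry or PFX that includes the key.");
        request.ClientCertificates.Add(cert);
    }

    static void Main()
    {
        const string thumbprint = "<THUMBPRINT-PLACEHOLDER>";    // placeholder
        const string url = "https://service.example/endpoint";   // assumed URL
        var request = (HttpWebRequest)WebRequest.Create(url);
        AttachClientCertificate(request, LoadFromStore(thumbprint));
        using (var response = (HttpWebResponse)request.GetResponse())
            Console.WriteLine((int)response.StatusCode);
    }
}
```

On the receiving side, HttpRequest.ClientCertificate.IsPresent reports whether a certificate actually arrived with the request.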