Search code examples
c#curlwebrequest

cURL request using .NET using security certificate

I have a cURL command that requires a security certificate. I am trying to replace the call with a WebRequest in C#.

Here's the curl command :

curl -d "uid=UUUUUU&password=PPPPPP&active=Y&type=I" https://www.aidap.naimes.faa.gov/aidap/XmlNotamServlet --key aidap_key.pem --cacert aidap_ca.pem --cert aidap_client.pem:start123 -k -O

Where I am stuck is with how to incorporate the --key, --cacert and --cert parameters. Currently I am setting WebRequest.PreAuthenticate=true and creating NetworkCredential with the name and password of the security certificate in my certificate store (what I assume is in the --key, --cacert, etc).

I am getting a 403 forbidden exception when I run the code below.

Any ideas?

Here's the code I'm using:

 public void RetrieveNotams()
        {
            string myURL = "https://www.aidap.naimes.faa.gov/aidap/XmlNotamServlet";

            HttpWebRequest req;

            NetworkCredential myCred = new NetworkCredential("AAAAA", "BBBBB");

            req = (HttpWebRequest)WebRequest.Create(myURL);

            req.PreAuthenticate = true;

            req.Credentials = myCred;

            req.Method = "POST";

            req.ContentType = "application/x-www-form-urlencoded";
            string postData = "uid=UUUUUU&password=PPPPPP&active=Y&type=I";
            byte[] byteArray = Encoding.UTF8.GetBytes(postData);
            req.ContentLength = byteArray.Length;

            using (Stream dataStream = req.GetRequestStream())
            {
                dataStream.Write(byteArray, 0, byteArray.Length);
                dataStream.Close();
            }

            req.GetResponse();

        }
Solution

  • I figured it out with the help of

    http://www.codeproject.com/Articles/28395/Attaching-a-digital-certificate-public-key-to-an-H

    I grab the certificate from the certificate store, and add it to the request's certificate collection. And took out the PreAuthenticate code.

    Here's the updated code:

    public void RetrieveNotams()
{
    string myURL = "https://www.example.com/SecureSite";

    // Open the certificate store for the current user in readonly mode,
    // and find the certificate I need to user
    X509Store xstore = new X509Store(StoreLocation.CurrentUser);

    xstore.Open(OpenFlags.ReadOnly);

    X509Certificate cert=null; 

    foreach (X509Certificate c in xstore.Certificates)
        if(c.Subject.StartsWith("CN=aidapuser"))
            cert=c;          

    HttpWebRequest req;

    req = (HttpWebRequest)WebRequest.Create(myURL);

    // add the certificate to the request
    req.ClientCertificates.Add(cert);

    req.Method = "POST";

    req.ContentType = "application/x-www-form-urlencoded";
    string postData = "uid=UUUUUUU&password=PPPPPP&active=Y&type=I";
    byte[] byteArray = Encoding.UTF8.GetBytes(postData);
    req.ContentLength = byteArray.Length;

    // add the parameters to POST to the URL
    using (Stream dataStream = req.GetRequestStream())
    {
        dataStream.Write(byteArray, 0, byteArray.Length);
        dataStream.Close();
    }

    // grab the response and show the first 10 lines

    using (StreamReader sr = new StreamReader(req.GetResponse().GetResponseStream()))
    {

        for (int i = 0; i < 10; i++)
            Console.WriteLine(sr.ReadLine());
    }

}