I used the makecert tool to create a self-signed root (CA) certificate, a server certificate and a client certificate.
I then installed the self-signed certificate in the Trusted Certificate Authorities section in mmc.
The server certificate and the client certificate were installed in the Personal section in mmc.
I then deployed a web service in IIS over HTTPS, using the server certificate.
I then have another application which makes use of the web service. It sends the client certificate with the web service request, as shown below:
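/// <summary>
/// Console client: picks the client certificate from the LocalMachine\My store,
/// attaches it to the web-service proxy and prints the result of
/// <c>CheckCertificate()</c>.
/// </summary>
/// <param name="args">Command-line arguments (unused).</param>
public static void Main(string[] args)
{
    X509Certificate2Collection matches;
    X509Store store = new X509Store(StoreName.My, StoreLocation.LocalMachine);
    try
    {
        store.Open(OpenFlags.ReadOnly);

        // FindBySubjectName is a substring match, so more than one certificate can
        // come back; validOnly = true drops expired or untrusted ones.
        matches = store.Certificates.Find(X509FindType.FindBySubjectName, "client.com", true);
    }
    finally
    {
        // Release the store handle even if Open/Find throws.
        store.Close();
    }

    if (matches.Count == 1)
    {
        ServicePointManager.Expect100Continue = true;

        // SSL 3.0 and TLS 1.0 are obsolete and must not be offered by the client.
        // Tls12 requires .NET Framework 4.5 or later; on newer frameworks this line
        // can be removed so that the operating system default is used.
        ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;

        ClientServices webService = new ClientServices();

        // The handshake needs the certificate's private key. If the account running
        // this process cannot read the key, the request fails with
        // "Could not create SSL/TLS secure channel".
        webService.ClientCertificates.Add(matches[0]);

        try
        {
            string check = webService.CheckCertificate();
            Console.WriteLine(check);
        }
        catch (WebException e)
        {
            Console.WriteLine(e.Message);
        }
    }
    else
    {
        // Zero matches or an ambiguous match are both treated as "not found".
        Console.WriteLine("The certificate was not found!");
    }

    Console.ReadKey();
}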
On the server-side, I am checking for the client certificate like this:
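/// <summary>
/// Returns the serial number of the client certificate presented on the current
/// request, or an error string when none was sent.
/// </summary>
/// <returns>
/// The certificate serial number, "Error: No certificate was found!" when the
/// request carries no client certificate, or the exception message on failure.
/// </returns>
[WebMethod]
public string CheckCertificate()
{
    string message;
    try
    {
        // Test IsPresent before building the certificate: "new X509Certificate2(...)"
        // never yields null, so the original null check could not reach the
        // "no certificate" branch.
        if (Context.Request.ClientCertificate.IsPresent)
        {
            X509Certificate2 cert = new X509Certificate2(Context.Request.ClientCertificate.Certificate);

            // NOTE(review): presence alone is not authorization. Before trusting the
            // caller, also check ClientCertificate.IsValid and compare the certificate
            // against an expected thumbprint or issuer.
            message = cert.SerialNumber;
        }
        else
        {
            message = "Error: No certificate was found!";
        }
    }
    catch (Exception e)
    {
        // NOTE(review): this returns internal exception text to the remote caller;
        // for anything beyond diagnostics, log it server-side and return a generic
        // error instead.
        message = e.Message;
    }

    return message;
}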
Whenever I run the client app, I am getting the following error message:
The request was aborted. Could not create SSL/TLS secure channel.
How can I solve this problem?
I found the culprit.
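The process using the certificate did not have permission to read its private key. I installed the WinHttpCertCfg tool and granted access to the private key of the certificate.
The command I used is this (the `-a` argument names the account that receives access; the account that runs the application is sufficient, whereas EVERYONE lets any local account read the key):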
WinHttpCertCfg.exe -g -c LOCAL_MACHINE\MY -s "<name of certificate>" -a EVERYONE