Search code examples
c#winformsopensslssl-certificatehttpwebrequest

How to retrieve (GET) data from a HTTPS self-signed webPage when I have public key, private key and ca file available?

I am trying to GET some data from a https website and i do have credentials (both public and private key) along with the ca for the same. How can I do that?

I tried doing this and wasn't successful

private string RetrieveSoftwareDataMsgFromURL() {
            var cacert = File.ReadAllText(@"Certs\ca.crt");
            var clientcert = File.ReadAllText(@"Certs\client.crt");
            var clientkey = File.ReadAllText(@"Certs\client.key");

            ServicePointManager.Expect100Continue = true;
            ServicePointManager.DefaultConnectionLimit = 9999;
            ServicePointManager.SecurityProtocol = SecurityProtocolType.Ssl3 |SecurityProtocolType.Tls |SecurityProtocolType.Tls11 |SecurityProtocolType.Tls12;
            ServicePointManager.ServerCertificateValidationCallback += delegate { return true; };

            ICertificateProvider provider = new CertificateFromFileProvider(clientcert, clientkey);
            X509Certificate2 clientCertificate = provider.Certificate;

            string url = "https://SomeWebsite.com/changelog";

            var httpWebRequest = (HttpWebRequest)WebRequest.Create(url);
            httpWebRequest.Method = "GET";
            httpWebRequest.AuthenticationLevel = AuthenticationLevel.MutualAuthRequired;
            httpWebRequest.ClientCertificates.Add(clientCertificate);
            httpWebRequest.Credentials = CredentialCache.DefaultCredentials;

            string result = "Nothing's In There";
            var httpResponse = (HttpWebResponse)httpWebRequest.GetResponse();
            using (var streamReader = new StreamReader(httpResponse.GetResponseStream())) {
                result = streamReader.ReadLine();
            }

            return result;
        }

I ended up hitting this exception "System.Net.WebException: 'The request was aborted: Could not create SSL/TLS secure channel.' ".

Solution

  • Couldn't make it work with .crt and .key files, but tried by creating .pfx file with certs and then tried following;

            WebRequestHandler handler = new WebRequestHandler();
        handler.ClientCertificates.Add(cert);

        HttpClient client = new HttpClient(handler) { Timeout = Timeout.InfiniteTimeSpan };
        try {
            var httpResponse = await client.GetAsync(URL) as HttpResponseMessage;
            using (var remoteStream = await httpResponse.Content.ReadAsStreamAsync().ConfigureAwait(false))
            using (var content = File.Create(filepath)) {
                var buffer = new byte[4096];
                int read;
                while ((read = await remoteStream.ReadAsync(buffer, 0, buffer.Length).ConfigureAwait(false)) != 0) {
                    await content.WriteAsync(buffer, 0, read).ConfigureAwait(false);
                    FlushFileBuffers(content.SafeFileHandle);
                }
            }
        } catch (Exception e) {
            //
        }