I need to post data to a remote server with client certificates. The problem is that I got a message said the client certificate is invalid. See the return message below
StatusCode: 200, ReasonPhrase: 'OK', Version: 1.1, Content:
System.Net.Http.StreamContent, Headers:
{
connection: close
pragma: no-cache
Cache-Control: no-cache
Date: Thu, 01 Oct 2015 04:05:24 GMT
P3P: CP="NON CUR OTPi OUR NOR UNI"
Content-Length: 505
Content-Type: text/html
}
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<!-- Copyright (C) 2000 Tivoli Systems, Inc. -->
<!-- Copyright (C) 1999 IBM Corporation -->
<!-- Copyright (C) 1998 Dascom, Inc. -->
<!-- All Rights Reserved. -->
<HTML>
<HEAD>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-
8">
<TITLE>Certification authentication failed</TITLE>
</HEAD>
<BODY>
An attempt to authenticate with a client certificate failed.
<BR>
A valid client certificate is required to make this connection.
</BODY>
</HTML>
What I tried:
The certificates I got are Encrypt.p12, Sign.p12, Test_Enc.crt, Test_sign.crt. I double clicked all these certificates and install all of these. But it doesn't help me.
According to the implement guide, it says HTTP requests to the company should use the parameter name of 'Input' to specify the payload value. So what I tried is add "Input=" in front of the content. In my case is 'ReqContent = "Input=" + ''ReqContent;'
so anything I did wrong or anything I should do but I didn't do?
The following is my code.
public async Task<string> PostRequest(string ReqContent)
{
//ReqContent = "Input=" + ReqContent; this doesn't solve the certificate issue
WebRequestHandler handler = new WebRequestHandler();
X509Certificate2 certificate = null;
certificate = GetX509Certificate(@"C:\Test certificate\Test_sign.crt");
handler.ClientCertificates.Add(certificate);
HttpClient client = new HttpClient(handler);
client.BaseAddress = new Uri("https://www.somecompany.com /cert/invoke/mm.cdds.common.services");
client.DefaultRequestHeaders.Host = "www.somecompany.com";
client.DefaultRequestHeaders.Add("contenttype", "application/xml");
client.DefaultRequestHeaders.Add("Accept-Encoding", "gzip, deflate");
client.DefaultRequestHeaders.Accept.Clear();
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("application/xml"));
client.DefaultRequestHeaders.Connection.Clear();
client.DefaultRequestHeaders.Connection.Add("keep-alive");
client.DefaultRequestHeaders.CacheControl = new CacheControlHeaderValue() { NoCache = true };
client.DefaultRequestHeaders.Pragma.Clear();
client.DefaultRequestHeaders.Pragma.Add(new NameValueHeaderValue("no-cache"));
client.DefaultRequestHeaders.UserAgent.Clear();
client.DefaultRequestHeaders.UserAgent.Add(new ProductInfoHeaderValue("Java", "1.6.0_20"));
client.DefaultRequestHeaders.Accept.Add(new MediaTypeWithQualityHeaderValue("text/html"));
HttpContent _content = new StringContent(ReqContent);
_content.Headers.ContentType = new MediaTypeHeaderValue("application/xml");
_content.Headers.ContentType = new MediaTypeHeaderValue("application/x-www-form-urlencoded");
HttpResponseMessage response = await client.PostAsync(client.BaseAddress, _content);
string result = response.Content.ReadAsStringAsync().Result;
textBox2.Text = response + Environment.NewLine + result;
}
I came across with the same issue as the HTML in response is exactly the same as that attached above.
The problem is actually the client side certificate is not accepted by the server. So what needs to be done is to "register" your client side cert on the server.
There is one more header I got from the response which indicates what server I'm connecting to:
server: WebSEAL/7.0.0.35 (Build 180731)