.netasp.net-core.net-6.0webapiclient-certificates
Certificate Based Authentication in ASP.Net core Web API Not Working
I am trying to implement Certificate based Authentication in .NET 6 WEB API, but I am getting below error while calling the API's end points. I am adding the certificate in HttpClientHandler also
Please let me know the solution for this error.
Error:
My Project Code below,
Program.cs
public class Program
{
public static void Main(string[] args)
{
CreateHostBuilder(args).Build().Run();
}
public static IHostBuilder CreateHostBuilder(string[] args) =>
Host.CreateDefaultBuilder(args)
.ConfigureWebHostDefaults(webBuilder =>
{
webBuilder.UseStartup<Startup>();
webBuilder.ConfigureKestrel(options =>
{
options.ConfigureHttpsDefaults(o =>
{
o.ClientCertificateMode = ClientCertificateMode.RequireCertificate;
});
});
});
}
Startup.cs
public class Startup
{
public Startup(IConfiguration configuration)
{
Configuration = configuration;
}
public IConfiguration Configuration { get; }
// This method gets called by the runtime. Use this method to add services to the container.
public void ConfigureServices(IServiceCollection services)
{
services.AddTransient<CertificateValidationService>();
services.ConfigureAuthetication();
services.AddControllers();
services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "CertificateAuth", Version = "v1" });
});
}
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
app.ConfigureExceptionHandler(env);
if (env.IsDevelopment())
{
app.UseSwagger();
app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "CertificateAuth v1"));
}
app.UseHttpsRedirection();
app.UseRouting();
app.UseAuthentication();
app.UseAuthorization();
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
});
}
}
CertificateValidationService.cs
public class CertificateValidationService
{
public bool ValidateCertificate(X509Certificate2 clientCertificate)
{
var cert = new X509Certificate2(Path.Combine("dev_cert.pfx"), "1234");
if (clientCertificate.Thumbprint == cert.Thumbprint)
{
return true;
}
return false;
}
}
WeatherForecastController.cs
[ApiController]
[Route("[controller]")]
[Authorize]
public class WeatherForecastController : ControllerBase
{
private static readonly string[] Summaries = new[]
{
"Freezing", "Bracing", "Chilly", "Cool", "Mild", "Warm", "Balmy", "Hot", "Sweltering", "Scorching"
};
private readonly ILogger<WeatherForecastController> _logger;
public WeatherForecastController(ILogger<WeatherForecastController> logger)
{
_logger = logger;
}
[HttpGet(Name = "GetWeatherForecast")]
public IEnumerable<WeatherForecast> Get()
{
return Enumerable.Range(1, 5).Select(index => new WeatherForecast
{
Date = DateTime.Now.AddDays(index),
TemperatureC = Random.Shared.Next(-20, 55),
Summary = Summaries[Random.Shared.Next(Summaries.Length)]
})
.ToArray();
}
}
Client App for testing the API
using System.Security.Cryptography.X509Certificates;
var cert = new X509Certificate2(@"dev_cert.pfx", "1234");
var handler = new HttpClientHandler();
handler.ClientCertificates.Add(cert);
var client = new HttpClient(handler);
var request = new HttpRequestMessage()
{
RequestUri = new Uri("https://localhost:7251/weatherforecast"),
Method = HttpMethod.Get,
};
var response = await client.SendAsync(request);
if (response.IsSuccessStatusCode)
{
var responseContent = await response.Content.ReadAsStringAsync();
Console.WriteLine(responseContent);
}
Solution
We have to import the CA certificate to current machine
- Click Start and type “Manage Computer Certificates”. You will see the below,
- Select “Trusted Root Certification Authorities- Certificates – All Tasks- Import” and add the CA certificate to it. You will be asked to provide the password. Here provide the password used to generate the CA certificate file.
- Quartz.net: How to create jobs using Dependency Injection
- MemoryStream - Cannot access a closed Stream
- Custom Compiler Warnings
- Cannot find Assert.Fail and Assert.Pass or equivalent
- How to reduce the margin between two buttons in below WPF code
- Bad Request When Using PostAsJsonAsync C#
- How to use RouteValues using MvcPaging2.0 in MVC3?
- How to change visibility for some TreeDataGrid rows?
- Dynamically Added LinkButtons Don't Fire OnClick Event
- How to retrieve actual item from HashSet<T>?
- Retrieve 10 records from MySQL?
- Entity data model designer won't open the edmx file
- How can you inherit from a sealed class using reflection in .Net?
- Azure .NET SDK: Scale Azure SQL databases through SDK
- SortedList Doesn't taking multiple objects in C#
- Using System.Text.Json to Serialize an IConfiguration back to Json
- In v8 of highcharts implemented multiple highcharts in a single view but not working in the upgraded version GetHighchartsJS
- IBrowserFile FromIMageFileAsync incomplete image
- Can't repoduce call stack in one of my programs
- What's the fastest way to read a text file line-by-line?
- What is the difference between Environment.CurrentDirectory and Directory.GetCurrentDirectory?
- Automapper: passing parameter to Map method
- What is the difference between String and string in C#?
- error MSB3073: The command "npm install" exited with code 1
- What's the algorithm behind Robocopy?
- ASP. NET Core 8: Error HTTP 500 and returnurl=%2F in the URL
- Decompressing Large Gzip File not working using System.IO.Compression
- mlContext.Data.CreateEnumerable uses the init property?
- Why should I prefer single 'await Task.WhenAll' over multiple awaits?
- Implicit casting / polymorphism with a Dictionary in C#