1

Is it possible to generate a client certificate on-the-fly in ASP.NET without using makecert.exe? the generated certificate should be signed with a given CA certificate (the specific CA certificate is saved on file system and selected at runtime). The generated certificate should be attached to a web request to another server in order to pull data.

The flow:

User asking for an ASP.NET page on IIS -> certificate is generated on IIS using ASP.NET -> calling another server with the certificate attached -> data is returned and is shown on the requested page for the user.

I couldn't find a way for doing natively through the .NET Framework and explored different options such as:

Thanks in advance for your replies.

soguy
  • 265
  • 1
  • 3
  • 10
  • 1
    Please explain your use case a bit better. Why would you want to generate certificates per request? – Doobi Jan 05 '11 at 10:46
  • Did you actually read the [Bouncycastle license](http://www.bouncycastle.org/csharp/licence.html)? – President James K. Polk Jan 06 '11 at 00:25
  • Doobi - Yes. I would like to generate certificates per request and maybe cache for the user on the IIS. GregS - Currently I need to find some solution which doesn't involve 3rd party component if any... – soguy Jan 06 '11 at 07:18

2 Answers2

1

You can also use PKIBlackbox package of our SecureBlackbox components. They let you generate certificates, as well as perform numerous other PKI functions.

Eugene Mayevski 'Callback
  • 45,135
  • 8
  • 71
  • 121
  • Thanks. At the moment, I'm searching for a non 3rd party solution and if not, a free open source one. – soguy Jan 06 '11 at 07:28
  • @soguy if you want pure managed solution, then you would have to write one yourself or use third-party library. Also as far as I know PKCS#10 (certificate requests) are supported only by SecureBlackbox. – Eugene Mayevski 'Callback Jan 06 '11 at 08:01
0

How about using OpenSSL? http://openssl-net.sourceforge.net/

Jamie Treworgy
  • 23,934
  • 8
  • 76
  • 119