Add Certificate X509 with passphrase key to Webservice request

Question

I'm having trouble with adding a new SSL certificate to my webService request.

                var client = new RestClient(tokenUrl);
                string certif = String.Format("{0}/client.cer", CertifPath);
                string key = String.Format("{0}/client.key", CertifPath);

                if (File.Exists(certif) && File.Exists(key))
                {

                    X509Certificate2 cert = new X509Certificate2(certif, key); 
                    X509CertificateCollection collection1 = new X509CertificateCollection();
                    collection1.Add(cert);
                    client.ClientCertificates = collection1; 
                }

I'm getting as a response : 400 no required ssl certificate was sent nginx !!!!.

In Addition : When i use PostMan Or SoapUI .I a must add a third secret key(passphrase) to be able to get response. ex :Add certificate via postman

My Question is How can i add this third parameter(secret key) in my request c# ?.

There is another way to implement certificate to my request ???

score 0 · Answer 1 · answered Mar 16 '18 at 10:31

0

Can you use that neat little piece of code that let's you do exactly that :

byte[] certBuffer = Helpers.GetBytesFromPEM(publicCert, PemStringType.Certificate);
byte[] keyBuffer  = Helpers.GetBytesFromPEM(privateKey, PemStringType.RsaPrivateKey);

X509Certificate2 certificate = new X509Certificate2(certBuffer, password);

RSACryptoServiceProvider prov = Crypto.DecodeRsaPrivateKey(keyBuffer);
certificate.PrivateKey = prov;

answered Mar 16 '18 at 10:31

Monkey D Zak

1
1

Thinks Zakariya for your comment :) .The solution was very easy !!! : i should encapsulate all three information (.cer, .key and the passphrase) in one certificate (.pfx) . – brahim LAISSAOUI Mar 18 '18 at 10:48

brahim LAISSAOUI · Accepted Answer · 2018-03-18T11:53:04.020

Solution :

I wasted a lot of time to search for how can include three informations (Certificat.cer,certif.key and the passphrase) in one Rest call. The solution was easy:

the certificate Object is very flexible : i can encapsulate the three information in one certificate called (.pfx) using OpenSSL.
you can install OpenSSL via : http://slproweb.com/download/Win64OpenSSL_Light-1_1_0g.exe
After this commande : openssl pkcs12 -export -out certificate.pfx -inkey client.key -in client.cer.
A new file is generated : certificate.pfx.
So Now I can easly include my new certificate without any ERRORS :) .

Add Certificate X509 with passphrase key to Webservice request

2 Answers2

Solution :