'Send rest request with attached pfx certificate
I'm trying to consume an API that uses a certificate as an authentication method.
I tried two methods but i get the same issue (The request was aborted: Unable to create a secure SSL/TLS channel.)
Method 1:
var handler = new HttpClientHandler();
handler.ClientCertificateOptions = ClientCertificateOption.Manual;
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;
string certificatePath = @"certificates/certificate.pfx";
string pass = "password";
handler.ClientCertificates.Add(new X509Certificate2(certificatePath, pass));
var client = new HttpClient(handler);
var dataToAuth = new StringContent(body, Encoding.UTF8, "application/json");
var request = client.PostAsync("https://api.com/oauth/v2/token", dataToAuth).GetAwaiter().GetResult();
var response = request.Content.ReadAsStringAsync().GetAwaiter().GetResult();
return response;
Method 2:
var client = new RestClient("https://api.com/oauth/v2/token");
client.Timeout = -1;
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
var certFile = Path.Combine(@"certificates/", "certificate.pfx");
X509Certificate2 certificate = new X509Certificate2(certFile, "password");
client.ClientCertificates = new X509CertificateCollection() { certificate };
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
string jsonPreInscription = new JavaScriptSerializer().Serialize(body);
request.AddParameter("application/json", jsonPreInscription, ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
if (response.StatusCode == HttpStatusCode.OK)
{
return response;
}
return response;
I really can't see the problem and i tried also the two methods using the .cer file and it's key.
I would be greatful for any ideas.
Solution 1:[1]
so the problem was the method used to hash the certificate itself.
aperantly the version of the certificate needs the X509Certificate method instead of the X509Certificate2 i was using(for my case).
here is the updated working code :
var handler = new HttpClientHandler();
handler.ClientCertificateOptions = ClientCertificateOption.Manual;
ServicePointManager.Expect100Continue = true;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;
string certificatePath = @"certificates/certificate.pfx";
string pass = "password";
handler.ClientCertificates.Add(new X509Certificate(certificatePath, pass));
var client = new HttpClient(handler);
var dataToAuth = new StringContent(body, Encoding.UTF8, "application/json");
var request = client.PostAsync("https://api.com/oauth/v2/token", dataToAuth).GetAwaiter().GetResult();
var response = request.Content.ReadAsStringAsync().GetAwaiter().GetResult();
I hope no one suffers as i did to figure this out :)
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | achref bouaoun |