Client how to To:set up Client certificates
J.D Meier, Alex Mackman, Michael dunner, and Srinath Vasireddy
Microsoft Corporation
November 2002
Microsoft®asp.net
Microsoft Visual studio®.net
The Landing Page for a starting point and complete overview of building Secure asp.net applications.
Summary:iis supports client certificate authentication. This is shows to the Configure a WEB application to require client certificates. It also shows to install a certificate on a client computer and use it when calling the Web application. (5 printed pages)
Contents
Requirements
Summary
Additional Resources
WEB services often need to is able to authenticate their callers (the other applications) in the order to perform authorization. Client certificates provide a excellent authentication mechanism for WEB services. When to use client certificates, your application also benefits the creation of a secure channel (using secure Socke TS Layer [SSL]) between the client application and Web service. This allows your to securely send confidential information to and from the Web service. SSL ensures message integrity and confidentiality.
This I to includes step-by-step instructions to call a WEB service of that are configured to require client certificates.
Note the "information in" to also applies to remote components hosted by IIS.
Requirements
The following items describe the recommended hardware, software, network infrastructure, skills and knowledge, and service Packs you'll need.
· microsoft®windows®2000 Server operating system with Service Pack 2
· Microsoft Visual studio®.net development system
· Access to a Certificate authority (CA) to generate new certificates
· A Web Server with an installed server certificate
For more information about installing Web server certificates, do you have a Web server in the Reference sec tion of this guide.
The procedures in this How to also require, have knowledge of asp.net Web development with the Microsoft Visual C # ™development tool.
Summary
This includes the following procedures:
1. Create a simple Web application
2. Configure the Web application to Require Client certificates
3. Request and Install a Client certificate
4. Verify Client Certificate Operation
1. Create a simple Web application
To create a simple WEB application
1. Start Visual Studio. NET and create a new C # asp.net Web application called Secureapp.
2. Drag a Label control from the Toolbox onto the WebForm1.aspx Web form, and then set's its ID.
3. Drag a second label onto WebForm1.aspx and set its ID to Certdata.
4. Add the following code to the Page_Load event procedure.
5. String Username;
6. Username = User.Identity.Name;
7. Message. Text = "Welcome" + username;
8. HttpClientCertificate cert = request.clientcertificate;
9. if (cert. Ispresent)
10. {
Certdata.text = "Client certificate retrieved";
12.}
. else
14. {
Certdata.text = "No client certificate";
16.}
On the "Build" menu, click Build Solution.
Start Internet Explorer and navigate to http://localhost/SecureApp/WebForm1.aspx.
The page should be displayed with the messages "Welcome" (no user name are displayed because the user has not been Authenti cated) and "No client certificate."
Close Internet Explorer.
2. Configure the Web application to Require Client certificates
This is procedure uses Internet information Services (IIS) to configure your WEB application's virtual directory to require C Ertificates.
This procedure assumes to have a valid certificate installed on your WEB server. For more information about installing Web server certificates, and how to to:set up SSL on a Web server.
To configure your Web APPL
