.NET将SSL证书添加到SOAP客户端请求

Question

Using .NET 4.0 framework I'm trying to make a server to server HTTPS SOAP service call. On the client side server, I'm trying to add a local SSL certificate so that the server receiving the call could identify me.

The certificate I'm trying to add is not from the local machine's store (the problem persists even if it is), just a (.cer) file placed as a local file on my machine.

The code works fine and seems to add the certificate, but my System.Net.trace.log file keeps adding the following error for every call: "Cannot find the certificate in either the LocalMachine store or the CurrentUser store." and the server I'm trying to call keeps telling me there's no certificate attached to my request. The final WebException I get is: "The request was aborted: Could not create SSL/TLS secure channel." My GetCertificate function:

private X509Certificate2 GetCertificate()
{
    X509Certificate2 cert;
    try
    {
        cert = new X509Certificate2("MyCertificateFoder\\MyCertificate.cer");
    }
    catch (Exception ex)
    {
        throw;
    }
    return cert;
}

Service call code:

X509Certificate2 cert = GetCertificate();
ServiceClient.ClientCertificates.Add(cert);
serviceMethodResponse = ServiceClient.ServiceMethod(serviceMethodRequest);

Will appreciate any advice.

Thanks

Answer 1

The principal mistake here is that when using SSL with client authentication, a .pfx file (with client private key, certificates, certificate chains, root authority certificates) should be used.

NOT the .cer file.

This is the cause of the error.