
How to use client certificate for HTTPS requests in UWP app

I'm writing an app that needs to make some HTTPS requests that use a client certificate. However, I can't find any documents on how to install the certificate and then load it for use. I know that you can use the certificate by making an HttpBaseProtocolFilter and adding a certificate, but how do you load the certificate for use here? And if you have a .pfx file with your client certificate, how do you install it with your package?

Thanks in advance!

For what it's worth, I ended up figuring this out using a mix of the Portable.BouncyCastle NuGet package and some UWP APIs. Some sample (pseudo-ish) code for what I did is below:

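using System;
using System.IO;
using System.Runtime.InteropServices.WindowsRuntime; // byte[].AsBuffer()
using System.Threading.Tasks;
using Org.BouncyCastle.Crypto;
using Org.BouncyCastle.Crypto.Generators;
using Org.BouncyCastle.Crypto.Operators;
using Org.BouncyCastle.Crypto.Prng;
using Org.BouncyCastle.Math;
using Org.BouncyCastle.Pkcs;
using Org.BouncyCastle.Security;
using Org.BouncyCastle.X509;
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Certificates;
using Windows.Web.Http;
using Windows.Web.Http.Filters;
using BouncyCastleX509Certificate = Org.BouncyCastle.X509.X509Certificate;
using X509Name = Org.BouncyCastle.Asn1.X509.X509Name;

public static class ClientCertificateSample
{
    public static async Task<HttpClient> CreateClientAsync()
    {
        SecureRandom secureRandom = new SecureRandom(new CryptoApiRandomGenerator());

        // Asymmetric key pair
        RsaKeyPairGenerator keyPairGenerator = new RsaKeyPairGenerator();
        keyPairGenerator.Init(new KeyGenerationParameters(secureRandom, 2048));
        AsymmetricCipherKeyPair keyPair = keyPairGenerator.GenerateKeyPair();

        // Create certificate (self-signed: subject and issuer are the same name)
        X509V3CertificateGenerator generator = new X509V3CertificateGenerator();
        generator.SetSubjectDN(new X509Name("CN=foo"));
        generator.SetIssuerDN(new X509Name("CN=foo"));
        generator.SetSerialNumber(new BigInteger("12345").Abs());
        generator.SetNotBefore(DateTime.UtcNow);
        generator.SetNotAfter(DateTime.UtcNow.AddYears(1));
        generator.SetPublicKey(keyPair.Public);

        // Signed with SHA-256 rather than SHA-1.
        BouncyCastleX509Certificate certificate =
            generator.Generate(
                new Asn1SignatureFactory("SHA256WithRSA", keyPair.Private, secureRandom));

        // Create PKCS12 certificate bytes.
        Pkcs12Store store = new Pkcs12Store();
        X509CertificateEntry certificateEntry = new X509CertificateEntry(certificate);
        string friendlyName = "Friendly Name";
        // Sample value; it only protects the in-memory PFX until it is imported.
        string password = "password";
        store.SetCertificateEntry(friendlyName, certificateEntry);
        store.SetKeyEntry(
            friendlyName,
            new AsymmetricKeyEntry(keyPair.Private),
            new X509CertificateEntry[] { certificateEntry });
        string pfxData;
        using (MemoryStream memoryStream = new MemoryStream(512))
        {
            store.Save(memoryStream, password.ToCharArray(), secureRandom);
            pfxData = CryptographicBuffer.EncodeToBase64String(memoryStream.ToArray().AsBuffer());
        }

        // Add the certificate to the cert store; the private key is marked non-exportable.
        await CertificateEnrollmentManager.ImportPfxDataAsync(
            pfxData,
            password,
            ExportOption.NotExportable,
            KeyProtectionLevel.NoConsent,
            InstallOptions.DeleteExpired,
            friendlyName);

        // Read the UWP cert from the cert store
        Certificate uwpCertificate =
            (await CertificateStores.FindAllAsync(
                new CertificateQuery { FriendlyName = friendlyName }))[0];

        // Create the UWP HTTP client.
        HttpBaseProtocolFilter filter = new HttpBaseProtocolFilter();
        // These two lines make the filter accept a server certificate that is untrusted
        // or whose name does not match the host; keep them only for a test server
        // that uses a self-signed certificate.
        filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.Untrusted);
        filter.IgnorableServerCertificateErrors.Add(ChainValidationResult.InvalidName);
        filter.ClientCertificate = uwpCertificate;
        HttpClient httpClient = new HttpClient(filter);

        // Profit!
        return httpClient;
    }
}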
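
For the other case raised in the question, an existing .pfx shipped with the package, the following is an added example and not code from the original post. The asset path `Assets/client.pfx`, the friendly name and the class name are assumptions. Anyone who can unpack the app package can read a bundled .pfx, so this suits a certificate shared by all installs, not a per-user secret.

```csharp
using System;
using System.Linq;
using System.Threading.Tasks;
using Windows.Security.Cryptography;
using Windows.Security.Cryptography.Certificates;
using Windows.Storage;
using Windows.Storage.Streams;
using Windows.Web.Http;
using Windows.Web.Http.Filters;

public static class PackagedClientCertificate
{
    // Hypothetical values: the asset path and friendly name are assumptions for this example.
    private static readonly Uri PfxUri = new Uri("ms-appx:///Assets/client.pfx");
    private const string FriendlyName = "Contoso client certificate";

    // pfxPassword should come from the user or a provisioning step, not from source code.
    public static async Task<HttpClient> CreateClientAsync(string pfxPassword)
    {
        Certificate certificate = await FindAsync();
        if (certificate == null)
        {
            // First run: read the packaged .pfx and import it into the app's certificate store.
            StorageFile file = await StorageFile.GetFileFromApplicationUriAsync(PfxUri);
            IBuffer pfx = await FileIO.ReadBufferAsync(file);
            await CertificateEnrollmentManager.ImportPfxDataAsync(
                CryptographicBuffer.EncodeToBase64String(pfx),
                pfxPassword,
                ExportOption.NotExportable,   // key cannot be exported again after import
                KeyProtectionLevel.NoConsent,
                InstallOptions.None,
                FriendlyName);
            certificate = await FindAsync();
            if (certificate == null)
                throw new InvalidOperationException("Certificate not found after import.");
        }

        // No IgnorableServerCertificateErrors here: the server certificate is validated normally.
        var filter = new HttpBaseProtocolFilter { ClientCertificate = certificate };
        return new HttpClient(filter);
    }

    private static async Task<Certificate> FindAsync()
    {
        var matches = await CertificateStores.FindAllAsync(
            new CertificateQuery { FriendlyName = FriendlyName });
        // If several certificates share the friendly name, use the one that expires last.
        return matches.OrderByDescending(c => c.ValidTo).FirstOrDefault();
    }
}
```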
