Make an HTTP request with a client certificate without PFX installed on the computer?
I have a small console application that uses a client certificate to create an HttpWebRequest:
X509Certificate Cert = X509Certificate.CreateFromCertFile("JohnDoe.cer");
HttpWebRequest Request = (HttpWebRequest)
WebRequest.Create("https://10.135.12.166:4434");
Request.ClientCertificates.Add(Cert);
Request.UserAgent = "Client Cert Sample";
Request.Method = "GET";
HttpWebResponse Response = (HttpWebResponse) Request.GetResponse();
I will have access to the corresponding .pfx file when executing this code on my machine and I believe I am using something mentioned in this thread . I will be able to install the pfx file on my computer, but I don't want to.
Is there a way that I can make this request with the pfx cert somehow tied in the request? I mean, just replacing JohnDoe.cer with JohnDoe.pfx in the above code or something?
Thank.
EDIT . The whole point of this question is that I need a way to work with the certificate without having to install it on my computer . I can use it the way esskar and xaver suggested, but I don't want to install the certificate on my machine. If this cannot be done, any chance can provide an explanation why we cannot do this?
source to share
PFX is a container that can contain one or more certificates. You can open them in C # using the following code
X509Certificate2Collection collection = new X509Certificate2Collection();
collection.Import("JohnDoe.pfx", "password-for-pfx", X509KeyStorageFlags.PersistKeySet);
now iterate over the collection and find the required certificate
foreach (X509Certificate2 cert in collection)
{
// work with cert
}
this should help you!
Question
what does installation mean? Copy it to the car? is it okay to put it in your program? you cannot use only the CER file as the CER file does not contain the private key that you need to authenticate the client.
source to share