"Daniel Lee" <Daniel Lee@discussions.microsoft.com> wrote in message
news:6A7B9E3D-66B0-4456-9FEB-463B59A58537@microsoft.com...
> My company is providing asp.net web service method to a third party
> company.
> It's implmented using client certificate authentication over SSL. My
> network
> manager generated a client certificate for the company. However, the
> company
> decided to create their own. The issue is that they need to have a
> control
> of private key.
>
> Here is my sample for the client code:
>
> com.inswriter.confirm.Service service = new
> com.inswriter.confirm.Service();
>
> // Acknowledge the pipeline and optionally check and see that the Server
> // Certificate matches what you want, in this case
> // "CN=CertName"
>
> ServicePointManager.ServerCertificateValidationCallback = delegate(Object
> sender, X509Certificate cert, X509Chain chain, SslPolicyErrors err) {
> return
> cert.Issuer.Equals(certName); };
>
> // Attach the client certificate,
> X509Certificate c = X509Certificate.CreateFromCertFile(
> @"C:\CertFileDir\lynxder.cer");
>
> service.ClientCertificates.Add(c);
>
> // submit request (no message encryption)
> string response = service.getpolicy(request);
>
>
> My question is:
> Does private key in the certificate involved at all in the client request?
> If not, does it matter who generate the certificate?
>
>
> Thanks in advance
>
>

"Techno_Dex" wrote:

> The idea behind a certificate is there is a public and a private key. You
> can sign your data with your cert's private key and someone on the other end
> with your public key can validate your signed data packet. Certificates are
> based on trust, so as long as you trust the certificate authority chain then
> all is good. In theory, both sides can each have a certificate, then you
> both exchange your public keys which allow you to each sign your data with
> your own private key then validate (unencrypt, etc.) with the public key.
>
> "Daniel Lee" <Daniel Lee@discussions.microsoft.com> wrote in message
> news:6A7B9E3D-66B0-4456-9FEB-463B59A58537@microsoft.com...
> > My company is providing asp.net web service method to a third party
> > company.
> > It's implmented using client certificate authentication over SSL. My
> > network
> > manager generated a client certificate for the company. However, the
> > company
> > decided to create their own. The issue is that they need to have a
> > control
> > of private key.
> >
> > Here is my sample for the client code:
> >
> > com.inswriter.confirm.Service service = new
> > com.inswriter.confirm.Service();
> >
> > // Acknowledge the pipeline and optionally check and see that the Server
> > // Certificate matches what you want, in this case
> > // "CN=CertName"
> >
> > ServicePointManager.ServerCertificateValidationCallback = delegate(Object
> > sender, X509Certificate cert, X509Chain chain, SslPolicyErrors err) {
> > return
> > cert.Issuer.Equals(certName); };
> >
> > // Attach the client certificate,
> > X509Certificate c = X509Certificate.CreateFromCertFile(
> > @"C:\CertFileDir\lynxder.cer");
> >
> > service.ClientCertificates.Add(c);
> >
> > // submit request (no message encryption)
> > string response = service.getpolicy(request);
> >
> >
> > My question is:
> > Does private key in the certificate involved at all in the client request?
> > If not, does it matter who generate the certificate?
> >
> >
> > Thanks in advance
> >
> >
>
>