I’m new to cryptography and I’m a bit stuck:
I’m trying to connect (from my development environment) to a web service using HTTPS. The web service requires a client certificate – which I think I’ve installed correctly.
They have supplied me with a .PFX file. In Windows 7, I double clicked the file to install it into my Current User – Personal certificate store.
I then exported an X509 Base-64 encoded .cer file from the certificate entry in the store. It didn’t have a private key associated with it.
Then, in my app, I’m attempting to connect to the service like this:
```csharp
using System.Net;
using System.Security.Cryptography.X509Certificates;

// Loads only the public certificate from the exported .cer (no private key)
var certificate = X509Certificate.CreateFromCertFile("xyz.cer");
var serviceUrl = "https://xyz";
var request = (HttpWebRequest) WebRequest.Create(serviceUrl);
request.ClientCertificates.Add(certificate);
request.Method = WebRequestMethods.Http.Post;
request.ContentType = "application/x-www-form-urlencoded";
```
I get a 502 Connection failed when I connect.
Is there anything you can see wrong with this method? Our production environment seems to work with a similar configuration, but it’s running Windows Server 2003.
Thanks!
The underlying problem is that you are only giving your program access to the certificate. To perform authentication, it needs access to the private key too.
A correctly instantiated X509Certificate2 can carry the private key, and should be passed to the ClientCertificates.Add() method. I believe the Import() method can accept a .pfx file as input; the exported .cer file lacks the private key and isn’t useful for client authentication.
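The two ways of getting a certificate with its private key into the request, as an added example that is not part of the original question or answer: loading the supplied .PFX directly, or picking the installed entry out of the Current User Personal store. The file name, password, thumbprint and URL are placeholders; the check on HasPrivateKey is what distinguishes a usable client certificate from the .cer export described in the question.

```csharp
using System;
using System.Net;
using System.Security.Cryptography.X509Certificates;

static class ClientCertificateLoader
{
    // Option 1: load the .PFX itself; the private key travels with it.
    public static X509Certificate2 FromPfx(string pfxPath, string password)
    {
        var cert = new X509Certificate2(pfxPath, password);
        return RequirePrivateKey(cert);
    }

    // Option 2: the .PFX was already imported into Current User / Personal,
    // so look it up there by thumbprint instead of exporting a .cer.
    public static X509Certificate2 FromUserStore(string thumbprint)
    {
        var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
        store.Open(OpenFlags.ReadOnly);
        try
        {
            var matches = store.Certificates.Find(
                X509FindType.FindByThumbprint, thumbprint, validOnly: false);
            if (matches.Count == 0)
                throw new InvalidOperationException("No certificate with that thumbprint in CurrentUser\\My.");
            return RequirePrivateKey(matches[0]);
        }
        finally { store.Close(); }
    }

    // A certificate without a private key (e.g. a .cer export) cannot answer
    // the server's CertificateVerify challenge, so fail early and loudly.
    static X509Certificate2 RequirePrivateKey(X509Certificate2 cert)
    {
        if (!cert.HasPrivateKey)
            throw new InvalidOperationException("Certificate " + cert.Subject + " has no private key.");
        if (DateTime.Now > cert.NotAfter)
            throw new InvalidOperationException("Client certificate has expired.");
        return cert;
    }

    public static HttpWebRequest BuildPost(string serviceUrl, X509Certificate2 cert)
    {
        var request = (HttpWebRequest)WebRequest.Create(serviceUrl);
        request.ClientCertificates.Add(cert);   // X509Certificate2 carries the key
        request.Method = WebRequestMethods.Http.Post;
        request.ContentType = "application/x-www-form-urlencoded";
        return request;
    }
}
```

Usage: `ClientCertificateLoader.BuildPost("https://xyz", ClientCertificateLoader.FromPfx("client.pfx", "pfx-password"))`; the thumbprint for FromUserStore is shown on the certificate's Details tab in certmgr.msc (strip spaces).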