Hi.
In one of my projects, client certificates are 50% of the project, so I'm doing extensive testing. My project is C# targeting .NET 4 (up to two versions ago I targeted the .NET 4 Client Profile, but the latest versions of EO.WebBrowser reference System.Design and I had to move my target to the full .NET 4).
I did the tests with the last two versions of EO.WebBrowser, including the new 15.2.41.0.
I have been having problems for a long time, but I was focused on other tasks of the project and now I need to focus on this. Based on another post by trivium, I tested new approaches, but they never worked.
I need to connect to some official Spanish government sites. (This URL is a certificate test page: "https://serviciostelematicosext.minhap.gob.es/IG/PlataformaDeValidacionInternet/ConCertif/validacion.aspx?p=0").
I prepared a test app. I have one button that resets the session and goes to the URL, and in the NeedClientCertificate event I set it up to choose between some options and run some tests.
"Button":
Code: C#
webView1.Close(true);
webView1.Destroy();
EO.Base.Runtime.Shutdown();
webView1 = new EO.WebBrowser.WebView();
webControl1.WebView = webView1;
this.webView1.LoadFailed += new EO.WebBrowser.LoadFailedEventHandler(this.webView1_LoadFailed);
this.webView1.NeedClientCertificate += new EO.WebBrowser.GetClientCertificateHandler(this.webView1_NeedClientCertificate);
webView1.LoadUrl("https://serviciostelematicosext.minhap.gob.es/IG/PlataformaDeValidacionInternet/ConCertif/validacion.aspx?p=0");
"NeedClientCertificate" (I translated the paths and questions to help you):
Code: C#
X509Certificate cert = null;
byte[] certData = null;
try
{
    int input = int.Parse(Microsoft.VisualBasic.Interaction.InputBox("Choose an option", "Choose an option from 1 to 10"));
    switch (input)
    {
        case 1:
            cert = new X509Certificate(@"Z:\certificates\certificate1.pfx", "pass");
            certData = new X509Certificate(@"Z:\certificates\certificate1.pfx", "pass").GetRawCertData();
            break;
        case 2:
            cert = new X509Certificate2(@"Z:\certificates\certificate1.pfx", "pass");
            certData = new X509Certificate2(@"Z:\certificates\certificate1.pfx", "pass").GetRawCertData();
            break;
        case 3:
            cert = new X509Certificate2(@"Z:\certificates\certificate1.pfx", "pass");
            certData = new X509Certificate2(@"Z:\certificates\certificate1.pfx", "pass").Export(X509ContentType.Pfx);
            break;
        case 4:
            cert = new X509Certificate(@"Z:\certificates\certificate2.pfx", "pass");
            certData = new X509Certificate(@"Z:\certificates\certificate2.pfx", "pass").GetRawCertData();
            break;
        case 5:
            cert = new X509Certificate2(@"Z:\certificates\certificate2.pfx", "pass");
            certData = new X509Certificate2(@"Z:\certificates\certificate2.pfx", "pass").GetRawCertData();
            break;
        case 6:
            cert = new X509Certificate2(@"Z:\certificates\certificate2.pfx", "pass", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
            certData = new X509Certificate2(@"Z:\certificates\certificate2.pfx", "pass", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet).Export(X509ContentType.Pfx);
            break;
        case 7:
            cert = new X509Certificate2(@"C:\certificates\certificate2.pfx", "pass", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
            certData = new X509Certificate2(@"C:\certificates\certificate2.pfx", "pass", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet).Export(X509ContentType.Pkcs12);
            break;
        case 8:
            cert = new X509Certificate2(@"C:\certificates\certificate1.pfx", "pass", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
            certData = new X509Certificate2(@"C:\certificates\certificate1.pfx", "pass", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet).Export(X509ContentType.Pkcs12);
            break;
        case 9:
            cert = new X509Certificate2(@"C:\certificates\certificate2.pfx", "pass");
            certData = new X509Certificate2(@"C:\certificates\certificate2.pfx", "pass").GetRawCertData();
            break;
        case 10:
            cert = new X509Certificate2(@"C:\certificates\certificate1.pfx", "pass");
            certData = new X509Certificate2(@"C:\certificates\certificate1.pfx", "pass").GetRawCertData();
            break;
    }
    if (MessageBox.Show("Use certData?", "certData use question", MessageBoxButtons.YesNo) == DialogResult.Yes)
    {
        e.Continue(certData);
    }
    else
    {
        e.Continue(cert);
    }
}
catch
{
    e.ContinueWithoutCertificate();
}
To test, I click the button, choose an option, and answer yes or no. I tested a shared folder and C: with all permissions.
When I use the Export method, it never works.
All of these work, with the same results whether or not I use certData:
Code: C#
cert = new X509Certificate("path_to_certificate", "pass_of_certificate");
//or
cert = new X509Certificate2("path_to_certificate", "pass_of_certificate");
//or
cert = new X509Certificate2("path_to_certificate", "pass_of_certificate", X509KeyStorageFlags.Exportable | X509KeyStorageFlags.PersistKeySet);
//pass to needclienteventargs
e.Continue(cert);
//or
e.Continue(cert.GetRawCertData());
So in my code I decided to use:
Code: C#
X509Certificate cert = null;
try
{
    cert = new X509Certificate2("path_to_certificate", "pass_of_certificate");
    e.Continue(cert);
}
catch
{
    e.ContinueWithoutCertificate();
}
But... here comes trouble. As you can see in my test options, I use two different certificates (certificate1.pfx and certificate2.pfx). They are real personal certificates, valid for use with the provided URL.
The test machines are a few virtual test machines and some real office machines.
I did some tests installing the root CA certificate, but it made no difference.
Certificate test results (very inconsistent):
Code: C#
Platform       Certificate1   Certificate2   Installed .NET version
XP SP3         -135           OK             4
W7 HP 32       OK             OK             4.5.2
W7 U 32        OK             -135           4.5.2
W7 U 32        -135           -135           4.5.2
W7 U 64        OK             -135           4.5.2
W7 U 64        OK             -135           4.5.2
W8.1 E 64      -135           OK             4.5.2
W10 64         -135           -135           4.6
W10 32         -135           -135           4.6
W10 64         -135           -135           4.6
WS2012 F       -135           -135           4.5
WS Stand 32    Internal crash (NotImplementedException)*
* after Windows updates:
               -135           OK             4.5.2
I don't know what the differences are between the machines or their configurations, or what is causing this behavior.
Thanks.
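
A diagnostic to run on a machine that returns -135, as an added example that is not part of the original post or EO's own code: it loads the PFX and reports which CSP holds the private key and whether that key can produce SHA-1 and SHA-256 signatures on this machine. It assumes the -135 in the table is Chromium's net error ERR_SSL_CLIENT_AUTH_SIGNATURE_FAILED and that the certificates use RSA keys; `PfxCheck` and its arguments are hypothetical names.

```csharp
// Added diagnostic, not from the original post. Uses only .NET 4 APIs.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

static class PfxCheck // hypothetical name
{
    // Try one signature with the private key and report the outcome.
    static string TrySign(RSACryptoServiceProvider rsa, string hashName)
    {
        try
        {
            byte[] sig = rsa.SignData(Encoding.ASCII.GetBytes("probe"), hashName);
            return "OK (" + sig.Length + " bytes)";
        }
        catch (CryptographicException ex) { return "FAILED: " + ex.Message.Trim(); }
    }

    static int Main(string[] args) // args: <file.pfx> <password>
    {
        if (args.Length != 2) { Console.Error.WriteLine("usage: PfxCheck <file.pfx> <password>"); return 2; }
        X509Certificate2 cert = null;
        try
        {
            // No PersistKeySet/Exportable: the imported key stays temporary and non-exportable.
            cert = new X509Certificate2(args[0], args[1], X509KeyStorageFlags.DefaultKeySet);
            Console.WriteLine("Subject       : " + cert.Subject);
            Console.WriteLine("Valid         : " + cert.NotBefore + " to " + cert.NotAfter);
            Console.WriteLine("Cert sig alg  : " + cert.SignatureAlgorithm.FriendlyName);
            Console.WriteLine("HasPrivateKey : " + cert.HasPrivateKey);
            var rsa = cert.HasPrivateKey ? cert.PrivateKey as RSACryptoServiceProvider : null;
            if (rsa == null) { Console.WriteLine("No RSA private key available through CryptoAPI."); return 1; }
            CspKeyContainerInfo csp = rsa.CspKeyContainerInfo;
            Console.WriteLine("CSP           : " + csp.ProviderName + " (type " + csp.ProviderType + ")");
            Console.WriteLine("Key size      : " + rsa.KeySize);
            Console.WriteLine("Sign SHA1     : " + TrySign(rsa, "SHA1"));
            Console.WriteLine("Sign SHA256   : " + TrySign(rsa, "SHA256"));
            return 0;
        }
        catch (CryptographicException ex)
        {
            Console.WriteLine("Could not load certificate or key: " + ex.Message.Trim());
            return 1;
        }
        finally { if (cert != null) cert.Reset(); } // release certificate and key handles
    }
}
```

Comparing the CSP line and the two Sign lines for the same PFX on a machine that shows OK and one that shows -135 narrows down whether the difference lies in the key provider the PFX was imported into.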