Programmatically Install Certificate into Windows Certificate Store


B

Brad

I have a Personal Information Exchange PCKS #12 certificate file that
requires a password when manually installing. This certificate was
issued by a 3rd party company I need to communicate with via https.
Initially I exported the PCKS #12 certificate to a DER encoded binary
X.509 certificate and used the following code to reference it in my
application:

// Create Certificate
X509Certificate cert = X509Certificate.CreateFromCertFile(strCertPath);



// Create request
HttpWebRequest req =
(HttpWebRequest)WebRequest.Create("https://serverurl/");


// Add Certficate
req.ClientCertificates.Add(cert);


This works great as long as the original PCKS #12 cert is installed in
the Windows Certificate Store on the maching running the application.
Rather than having to go around to each client's computer and manually
installing this certificate on their machine so my application will
run, I would like to programmatically search the certificate store for
the PCKS #12 cert and, if it doesn't exist, install it on the fly.
Could anyone help me with this task? I've heard of CAPICOM, but most
of the references I've seen to it have either been relatively confusing

or not addressing the task at hand. Thanks in advance for any help.
 
Ad

Advertisements

M

Michael D. Ober

Are you in a domain? If so, you can install via GPO.

Mike Ober.
 
Ad

Advertisements

B

Brad

Mike,

Thanks for the response. I was able to get everything to work for a
Windows form application, but now it's been moved to an N-tier system
and it no longer works. Now I get a 403 Forbidden error using
identical code. I'm not sure if the problem is that the ASP.NET user
doesn't have access to the cert or what. I know it has access to the
..cer file that I exported from the .p12 file. I also know the original
P12 certificate has been installed on the machine the business layer
runs on. I get the same 403 error when I attempt to debug the app with
everything running on my local machine. I've installed the
certificates to the Personal and Trust Root stores for the "ASP.NET
State Service" as well as for the "Local Machine" via the MMC. Any
ideas what's up?
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top