How to retrieve client certificate in server side and do validation?

In my application, i exposed a demo rest API "testAPI", also created a rest consumer API to consume it.

In the consumer side, i added the certificate in "OnBeforeRequestAdvanced" callback, which is successfully.

in publisher side, i tried to call  "RetrieveClientCertificate()" extension in "OnRequest" callback, which is failed.

Code segment in "RetrieveClientCertificate()" works like :

  "byte[] certificateBytes = HttpContext.Current.Request.ClientCertificate.Certificate;
   X509Certificate2 cert2 = new X509Certificate2(certificateBytes);"


Anyone else know how to retrieve the client certificate in API publisher side "OnRequest" callback?

Hi,


Did you try built in functions?


Also, are you using https and have end-to-end ssl without offloading (since most proxy configurations limits the use of client certificates)?

You should also add a web screen on your module that requires client certificates, that will ensure the app gets configured in IIS with the correct configurations.


Regards,

João Rosado