/// <summary>
/// Adds the configured client certificate to the request's client-certificate collection.
/// </summary>
/// <param name="request">
/// Request that receives the certificate. It is passed by <c>ref</c>, although this method
/// never reassigns it.
/// </param>
public static void AddClientCertificate(ref HttpWebRequest request)
{
    // Resolve the target collection first so a null request fails before the certificate is loaded.
    var requestCertificates = request.ClientCertificates;

    // Store name, store location and thumbprint all come from ConfigVariables.
    var clientCertificate = CertificateLoader.LoadCertificate(
        ConfigVariables.ClientCertificateStoreName,
        ConfigVariables.ClientCertificateStoreLocation,
        ConfigVariables.ClientCertificateThumbprint);

    requestCertificates.Add(clientCertificate);
}
/// <summary>
/// Requests a security token for the given entity, authenticating with the configured
/// client certificate.
/// </summary>
/// <param name="entityId">
/// Entity identifier. It is parsed with <see cref="Uri"/> and forwarded as
/// <see cref="Uri.AbsoluteUri"/>, so it must be a well-formed absolute URI.
/// </param>
/// <returns>The token returned by <c>SendSecurityTokenRequest</c>.</returns>
/// <exception cref="UriFormatException"><paramref name="entityId"/> is not a valid absolute URI.</exception>
public static SecurityToken IssueToken(string entityId)
{
    // Same store name / location / thumbprint triple that the other helpers in this file use.
    var clientCertificate = CertificateLoader.LoadCertificate(
        ConfigVariables.ClientCertificateStoreName,
        ConfigVariables.ClientCertificateStoreLocation,
        ConfigVariables.ClientCertificateThumbprint);

    // Round-tripping through Uri rejects malformed identifiers before any request is sent.
    var entityUri = new Uri(entityId);

    return SendSecurityTokenRequest(entityUri.AbsoluteUri, clientCertificate, ConfigVariables.Cvr);
}
/// <summary>
/// Builds a DemoService channel that presents the issued token and the configured
/// client certificate.
/// </summary>
/// <param name="token">Issued token handed to <c>CreateChannelWithIssuedToken</c>.</param>
/// <param name="endpointUrl">
/// Service URL to call. When <c>null</c>, the URI already configured on the client endpoint
/// is kept and only the endpoint identity is replaced.
/// </param>
/// <returns>The channel created by the client's channel factory.</returns>
private DemoPortType CreateChannel(SecurityToken token, string endpointUrl)
{
    var client = new DemoPortTypeClient();

    // Local testing only: the line below turns off revocation checking of the service
    // certificate. Do not enable it in production.
    // client.ClientCredentials.ServiceCertificate.Authentication.RevocationMode = System.Security.Cryptography.X509Certificates.X509RevocationMode.NoCheck;

    // The service is addressed with a DNS endpoint identity built from the configured alias.
    EndpointIdentity serviceIdentity = EndpointIdentity.CreateDnsIdentity(ConfigVariables.ServiceCertificateAlias);

    // NOTE(review): endpointUrl is used as given (no scheme or host allow-list here);
    // confirm callers only pass trusted values, since the issued token is sent to it.
    Uri serviceUri;
    if (endpointUrl != null)
    {
        serviceUri = new Uri(endpointUrl);
    }
    else
    {
        serviceUri = client.Endpoint.Address.Uri;
    }

    client.Endpoint.Address = new EndpointAddress(serviceUri, serviceIdentity);

    var clientCertificate = CertificateLoader.LoadCertificate(
        ConfigVariables.ClientCertificateStoreName,
        ConfigVariables.ClientCertificateStoreLocation,
        ConfigVariables.ClientCertificateThumbprint);
    client.ClientCredentials.ClientCertificate.Certificate = clientCertificate;

    // ProtectionLevel.Sign: messages are signed but not encrypted at the message level.
    // NOTE(review): confidentiality presumably relies on the transport - confirm.
    client.Endpoint.Contract.ProtectionLevel = ProtectionLevel.Sign;

    return client.ChannelFactory.CreateChannelWithIssuedToken(token);
}
/// <summary>
/// Creates a WS-Trust 1.3 channel to the configured STS endpoint, authenticating with the
/// supplied client certificate.
/// </summary>
/// <param name="clientCertificate">Certificate set as the factory's client credential.</param>
/// <returns>The channel created by the <c>WSTrustChannelFactory</c>.</returns>
private static IWSTrustChannelContract GenerateStsCertificateClientChannel(X509Certificate2 clientCertificate)
{
    var stsUri = new Uri(ConfigVariables.StsEndpoint);
    var stsIdentity = EndpointIdentity.CreateDnsIdentity(ConfigVariables.StsCertificateAlias);
    var stsAddress = new EndpointAddress(stsUri, stsIdentity);

    var stsBinding = new MutualCertificateWithMessageSecurityBinding(null);
    var channelFactory = new WSTrustChannelFactory(stsBinding, stsAddress)
    {
        TrustVersion = TrustVersion.WSTrust13
    };
    channelFactory.Credentials.ClientCertificate.Certificate = clientCertificate;

    // The STS certificate comes from the local store by thumbprint and is scoped to the
    // STS address.
    var stsCertificate = CertificateLoader.LoadCertificate(
        ConfigVariables.StsCertificateStoreName,
        ConfigVariables.StsCertificateStoreLocation,
        ConfigVariables.StsCertificateThumbprint);
    var serviceCredential = channelFactory.Credentials.ServiceCertificate;
    serviceCredential.ScopedCertificates.Add(stsAddress.Uri, stsCertificate);

    // NOTE(review): validation mode None means WCF performs no chain or revocation
    // validation of the STS certificate. Trust then appears to rest solely on the
    // thumbprint-pinned certificate above - confirm this is intended outside test setups.
    serviceCredential.Authentication.CertificateValidationMode = X509CertificateValidationMode.None;

    // Local testing only: the line below turns off revocation checking. Do not enable it
    // in production. With validation mode None (above) it presumably changes nothing.
    //channelFactory.Credentials.ServiceCertificate.Authentication.RevocationMode = X509RevocationMode.NoCheck;

    // ProtectionLevel.Sign: messages are signed but not encrypted at the message level.
    channelFactory.Endpoint.Contract.ProtectionLevel = ProtectionLevel.Sign;

    return channelFactory.CreateChannel();
}