Selecting

[Wilfried]

I want to read the Elements of the Subject of a client certificate sent to a
Web Service via HTTPS. This can be done by the following code segment...

[WebMethod]
public string echoCert()
{
string result = String.Empty;
HttpClientCertificate cert = this.Context.Request.ClientCertificate;
if (cert.IsPresent)
{
result = result + "Subject: " + cert.Subject + "\n";
result = result + "SubjectCN: " + cert.Get("SUBJECTCN") + "\n";
result = result + "SubjectOU: " + cert.Get("SUBJECTOU") + "\n";
...
return result;
}

My question: How can I read more than one OU= Element in the certificate?

[[MSFT]]

Hello,

The HttpClientCertificate is actually a NameValueConnection object. The
values in the collection can only be accessed by index. And it provide two
method to the get the values, Get() and GetValues(). I think you have to
read the Elements one by one as you have done in the code since
NameValueConnection didn't provide a method to read multiple values.

Luke

(This posting is provided "AS IS", with no warranties, and confers no
rights.)

[Wilfried]

Hello,

thank you for your reply. Unfortunately there seems to be a gap between
theory/documentation and praxis:

In my understanding the following code should read all values in the
Collection (which is made up by keyed string arrays):

HttpClientCertificate cert = this.Context.Request.ClientCertificate;
for (int k=0;k<cert.Count;k++)
{
string[] sa = cert.GetValues(k);
for (int i=0;i<sa.Length;i++)
{
result += sa[i];
}
}

The line string[] sa = cert.GetValues(k) returned null, but the Get()-method
(as cert.Get("ISSUEROU") do work - and returned multiple OU-Elementes in one
string separated by semicolon (like ISSUEROU := "org1;org2")



"[MSFT]" wrote:

> Hello,
>
> The HttpClientCertificate is actually a NameValueConnection object. The
> values in the collection can only be accessed by index. And it provide two
> method to the get the values, Get() and GetValues(). I think you have to
> read the Elements one by one as you have done in the code since
> NameValueConnection didn't provide a method to read multiple values.
>
> Luke
>
> (This posting is provided "AS IS", with no warranties, and confers no
> rights.)
>
>

[[MSFT]]

Hello,

To use Get() or GetValues, it depends on what had been saved in the
collection. If the item in the collection is string, Get() should be used;
if it is an string array, GetValues() should be used. ISSUEROU is actually
a string, not a atring array, so that we can only use Get(0 to retrieve the
value. To seperate the string to an array like:

["org1","org2",...]

You may consider the String object's Split Method.

Hope this help,

Luke

[Wilfried]

Thank you very much.
Can you route me to some information about what is saved as string and what
is saved as array? Is it possible, that Certificate is a collection to which
all information is stored as (semicolon separated?) strings?

/wh

"[MSFT]" wrote:

> Hello,
>
> To use Get() or GetValues, it depends on what had been saved in the
> collection. If the item in the collection is string, Get() should be used;
> if it is an string array, GetValues() should be used. ISSUEROU is actually
> a string, not a atring array, so that we can only use Get(0 to retrieve the
> value. To seperate the string to an array like:
>
> ["org1","org2",...]
>
> You may consider the String object's Split Method.
>
> Hope this help,
>
> Luke
>
>

[[MSFT]]

Thank you for the reply. Regarding the question, I think we can use
following code get a field's type:

cert["SUBJECTCN"].GetType()

This should be able to tel us the actual type of a field in the collection.

Luke

[[MSFT]]

Is there any further questions on this issue? If so, please feel free to
post here.

Regards,

Luke