How to do Mutual Authentication with SSL certificates in .NET?

Hi,

Could you please give an example of how to validate client certificates on the server with RemObjects SDK for .NET? I need to be able to do custom validation of the certificate to only allow certain clients whose public certificates I have.

I added an event handler for my IpHttpServerChannel’s HttpServer.SslOptions.ValidateRemoteCertificate, but the Certificate property in the event args is always null when a certificate is set up on the client.

Thanks

Hello.

Can you describe the problem in more detail or create a simple test case to show the problem in action?

Also please take a look at RemObjects SDK FAQ:
http://wiki.remobjects.com/wiki/Channel_FAQs_(RemObjects_SDK)#How_can_I_enable_SSL_for_IpHttpServerChannel.3F
and
http://wiki.remobjects.com/wiki/Channel_FAQs_(RemObjects_SDK)#How_can_I_enable_SSL_for_HttpSysServerChannel_or_HttpSysSuperHttpServerChannel_server_channel_.28.NET.29.3F .

Thanks in advance.

Hi, thanks for the response.

Mutual Authentication is SSL on the server AND authentication of the client by its certificate. The server checks the client certificate to identify the client instead of username+password or Active Directory.

I did read all the documentation and server-side SSL is working fine. On http://wiki.remobjects.com/wiki/SslConnectionFactory_Class it says:

"Certificate

This certificate contains the public AND private key to use for this TLS connection. When used for clients, it will contain the key to use for client authentication to the server, which is usually optional."

I tried a few things, but could not figure out how to do client authentication on the server with the client’s SSL certificate.

Please have a look at mutual authentication:


and

also
http://msdn.microsoft.com/en-us/library/ff648360.aspx

Regards

Hello.

Sorry, but can you also provide a test case with the problem so that we can investigate it in detail?

Thanks in advance.

Hi andreyt,

I cannot provide a test case since I do not know how to do this with RemObjects…

RemObjects’ documentation says “When used for clients, it will contain the key to use for client authentication to the server”. My question is: how do I do client authentication with the certificate key?

I need to get the client’s certificate key/thumbprint on the RemObjects service, but I do not know where to find this information. When I have the key, I can easily use it to identify and authenticate the client.

Can you get someone else from RemObjects involved with the question? I asked for help 4 days ago and am no closer to a solution. It is getting time-critical on my side :frowning:

Thanks
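
Added example, not part of the original thread and not RemObjects SDK code: the allow-list check described in the post above, done with the plain .NET SslStream class. The file server.pfx, its password, port 8443 and the pinned value are constructed placeholders, and the pin is the SHA-256 of the certificate's DER encoding rather than the SHA-1 X509Certificate2.Thumbprint.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.Net;
using System.Net.Security;
using System.Net.Sockets;
using System.Security.Authentication;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
static class MutualTlsServer
{
    // Constructed placeholder pin (64 hex zeros); replace with SHA-256 pins of the client certificates you hold.
    static readonly HashSet<string> AllowedPins = new HashSet<string>(StringComparer.OrdinalIgnoreCase) { new string('0', 64) };

    // Called by SslStream on the server with the certificate the client presented.
    static bool ValidateClient(object sender, X509Certificate cert, X509Chain chain, SslPolicyErrors errors)
    {
        if (cert == null) return false;                  // client sent no certificate
        var c2 = new X509Certificate2(cert);
        if (DateTime.Now < c2.NotBefore || DateTime.Now > c2.NotAfter) return false;
        // Assumption: trust comes from the pin alone, so chain errors (e.g. self-signed) are not consulted.
        using (var sha = SHA256.Create())
        {
            string pin = BitConverter.ToString(sha.ComputeHash(c2.RawData)).Replace("-", "");
            return AllowedPins.Contains(pin);
        }
    }

    static void Main()
    {
        // Assumption: server.pfx holds the server's own certificate with its private key.
        var serverCert = new X509Certificate2("server.pfx", "changeit");
        var listener = new TcpListener(IPAddress.Loopback, 8443);
        listener.Start();
        while (true)
        {
            using (var tcp = listener.AcceptTcpClient())
            using (var ssl = new SslStream(tcp.GetStream(), false, ValidateClient))
            {
                try
                {
                    // clientCertificateRequired: true makes the server request a client certificate.
                    ssl.AuthenticateAsServer(serverCert, true, SslProtocols.Tls12, false);
                    Console.WriteLine("Authenticated client: " + ssl.RemoteCertificate.Subject);
                }
                catch (AuthenticationException ex) { Console.WriteLine("Rejected: " + ex.Message); }
                catch (IOException ex) { Console.WriteLine("Connection failed: " + ex.Message); }
            }
        }
    }
}
```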

Hello.

Unfortunately, Mutual Authentication is currently not officially supported. We are currently working on full support for SSL on both the client and the server sides. But we will look at what we can do now to solve the problem.

Thanks

Hi,

Do you have an idea when the SSL improvements are scheduled for release? It was mentioned almost a year ago in the post below, but the last few RO SDK releases contain only minor bug fixes - no new features.

http://connect.remobjects.com/discussion/comment/6928#Comment_6907

Thanks

Any idea? The notes for 7.0.68.1077 do not show any new features…

Major SSL changes will not be in the May release, I’m afraid.