Using SSL client certificate in WebRequest and WebServices without certificate installation

If you are using .Net frameworks 1.0 or 1.1, certificate must be installed on either User store or Machine Store. This posting is only valid for v2.0.

In version 2.0 (Currently released Whidbey Beta1) user have option to use the certificate which contain the private key without installing it on certificate store.

In general it is not recommended practice to store certificate as file and not install in certificate store. In some special cases user might not have access for certificate installation (e.g. Webbhosting site only allow ftp access to users). In such case you can store full certificate file (include private key) on a share and use it for client certiificate based SSL authentication.

System.Security.Cryptography.X509Certificates namespace provide classes to create X509CertificateEx instance with private key persistence like below

X509CertificateEx Cert = new X509CertificateEx();

Cert.Import(_certificateFilieName,_certificatePassword,X509KeyStorageFlags.PersistKeySet);

If you add X509CertificateEx instance as mentioned above to client certificate collection of HttpWebRequest or WebService instance, certificate base authentication would work without installing certificateon cetificate store of the machine.

This posting is provided "AS IS" with no warranties, and confers no rights