Re: [ADVANCED-DOTNET] Accessing files over HTTPS -> for Peter Ritchie

[Eddie Lascu]

Hello Dean,

I just entered this fascinating world and I am completely inexperienced. I
really don't know what is the difference between a server certificate and a
client certificate. Given that I had to install the digital certificate on
my client machine (although the certificate was provided by the company that
hosts the server I am trying to access) my guess is that it is a client
certificate.
In my case I am trying to implement an automated process, w/o human
intervention. There should be no login step and I believe that is why I was
presented with the digital certificate I had to install.

Thanks,
Eddie


-----Original Message-----
From: Discussion of advanced .NET topics.
[mailto:[EMAIL PROTECTED] Behalf Of Dean Cleaver
Sent: Tuesday, July 10, 2007 12:36 PM
To: ADVANCED-DOTNET@DISCUSS.DEVELOP.COM
Subject: Re: [ADVANCED-DOTNET] Accessing files over HTTPS -> for Peter
Ritchie


Eddie,

Can you clarify - are you using a server certificate (standard https) or
are you using a client certificate? The code below appears as if you're
using a client certificate.

I retrieve files over HTTPS with just a server certificate like this:


public static bool Retrieve(string url, string userName, string
password, string fileName)
{
        WebClient client = new WebClient();
        client.Credentials = new NetworkCredential(userName, password);
        ServicePointManager.ServerCertificateValidationCallback =
ValidateServerCertificate;

        try
        {
                client.DownloadFile(url, fileName);
                return true;
        }
        catch
        {
                return false;
        }
}

public static bool ValidateServerCertificate(
          object sender,
          X509Certificate certificate,
          X509Chain chain,
          System.Net.Security.SslPolicyErrors sslPolicyErrors)
{
        if (sslPolicyErrors == System.Net.Security.SslPolicyErrors.None)
                return true;

        Console.WriteLine("Certificate error: {0}", sslPolicyErrors);

        // Do not allow this client to communicate with unauthenticated
servers.
        return false;
}


In my case, I have to log into the remote server as well, hence the
username, password and the NetworkCredential - you can remove those if
the remote server is not protected.

Cheers,
Dino

===================================
This list is hosted by DevelopMentor®  http://www.develop.com

View archives and manage your subscription(s) at http://discuss.develop.com