Shows code that implements a System.Web.Mvc controller for renewing certificates.
Banking app web service for certificate renewal
The Windows Store app for banking requires a web service that provides certificate checking and renewal endpoints.
The following code example shows how to implement a System.Web.Mvc controller that checks and renews certificates.
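using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Security.Cryptography.X509Certificates;
using CERTCLILib;

namespace BankServer.Controllers
{
    /// <summary>
    /// MVC controller exposing two POST endpoints for the banking sample:
    /// one that reports whether the presented client certificate is close to
    /// expiry, and one that forwards a certificate request to the CA.
    /// </summary>
    public class RenewalController : Controller
    {
        /// <summary>
        /// Numeric flags and fixed strings used when talking to the
        /// certificate enrollment COM interface (CERTCLILib).
        /// </summary>
        internal abstract class Constants
        {
            // Constants for property IDs
            public const int CR_PROP_CAXCHGCERT = 15;

            // Constants for data types and indexed status
            public const int PROPTYPE_BINARY = 0x3;

            // Constants for binary flags
            public const int CV_OUT_BASE64 = 0x1;

            // Disposition values returned by ICertRequest.Submit
            public const int CR_DISP_ERROR = 0x1;
            public const int CR_DISP_DENIED = 0x2;
            public const int CR_DISP_ISSUED = 0x3;
            public const int CR_DISP_UNDER_SUBMISSION = 0x5;

            // Request encoding / format flags passed to ICertRequest.Submit
            public const int CR_IN_BASE64HEADER = 0;
            public const int CR_IN_BASE64 = 0x1;
            public const int CR_IN_BINARY = 0x2;
            public const int CR_IN_ENCODEANY = 0xff;
            public const int CR_IN_FORMATANY = 0x00;
            public const int CR_IN_ROBO = 0x00200000;
            public const int CR_IN_PKCS10 = 0x100;
            public const int CR_IN_PKCS7 = 0x300;
            public const int CR_IN_CMC = 0x400;
            public const int CR_IN_FORMATMASK = 0xff00;
            public const int CR_IN_CLIENTIDNONE = 0x00400000;
            public const int CR_IN_CONNECTONLY = 0x00800000;

            // Output encoding flags passed to ICertRequest.GetCertificate
            public const int CR_OUT_BASE64HEADER = 0x0;
            public const int CR_OUT_BASE64 = 0x1;

            public const int FR_PROP_FULLRESPONSE = 1; // Binary

            // Constant strings for all logging, and hardcoded strings
            public const string TOKEN_TYPE_TEXT = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
            public const string SOAP_ENVELOPE_NS_TEXT = "http://www.w3.org/2003/05/soap-envelope";
        }

        // Certificates expiring within this window are reported as due for
        // renewal. 60 days is the same span as the 51840000000000-tick
        // literal this replaces.
        private static readonly TimeSpan RenewalWindow = TimeSpan.FromDays(60);

        /// <summary>
        /// Reports whether the client presented a certificate on this
        /// request and, if so, whether it expires within the renewal window.
        /// </summary>
        /// <returns>
        /// JSON with <c>hasCert</c> and <c>renew</c>; when renewal is due the
        /// payload also carries <c>pfx</c> (server policy, always false here)
        /// and <c>user</c> (the certificate's subject name).
        /// </returns>
        [HttpPost]
        public JsonResult CheckCert()
        {
            var result = new JsonResult();
            HttpClientCertificate clientCert = Request.ClientCertificate;

            // NOTE(review): this only establishes that certificate bytes were
            // presented. Whether the chain and revocation status were
            // validated depends on the IIS/TLS configuration, which is not
            // visible here; consider also checking clientCert.IsValid.
            bool hasCertificate = clientCert != null
                && clientCert.Certificate != null
                && clientCert.Certificate.Length > 0;

            if (!hasCertificate)
            {
                result.Data = new { renew = false, hasCert = false };
                return result;
            }

            X509Certificate2 presented = new X509Certificate2(clientCert.Certificate);

            // X509Certificate2.NotAfter is expressed in local time, so it is
            // compared against DateTime.Now rather than UtcNow.
            DateTime renewalThreshold = DateTime.Now.Add(RenewalWindow);

            if (presented.NotAfter < renewalThreshold)
            {
                result.Data = new
                {
                    renew = true,
                    hasCert = true,
                    pfx = false, // Server policy
                    user = presented.SubjectName.Name
                };
            }
            else
            {
                result.Data = new { renew = false, hasCert = true };
            }

            return result;
        }

        /// <summary>
        /// Submits a caller-supplied certificate request to the CA and
        /// returns the issued certificate, Base64-encoded.
        /// </summary>
        /// <param name="request">
        /// The encoded certificate request; submitted with
        /// <c>CR_IN_ENCODEANY</c>, so the CA is left to detect the encoding.
        /// </param>
        /// <returns>
        /// JSON with <c>certificate</c> set to the Base64 certificate on
        /// success. When the request is empty or the CA does not report an
        /// issued disposition, <c>certificate</c> is null and <c>error</c>
        /// carries a short reason.
        /// </returns>
        [HttpPost]
        public JsonResult RenewP10(string request)
        {
            // NOTE(review): test CA configuration hardcoded in the sample;
            // a deployment would normally read this from configuration.
            const string CAConfig = "Devt-StandAloneCA.enrolldev.nttest.microsoft.com\\enrolldev-Devt-StandAlone-CA";

            var result = new JsonResult();

            // Reject an empty body before involving the CA at all.
            if (string.IsNullOrWhiteSpace(request))
            {
                result.Data = new { certificate = (string)null, error = "No certificate request was supplied." };
                return result;
            }

            // NOTE(review): unlike CheckCert, this action never looks at
            // Request.ClientCertificate, so nothing visible here ties the
            // submitted request to an authenticated caller or to the subject
            // of the certificate being renewed. Unless that is enforced
            // elsewhere (IIS client-certificate requirement, an authorization
            // filter, CA-side policy), any caller can ask the CA to issue for
            // an arbitrary subject. Confirm where that check lives.
            ICertRequest certRequest = new CCertRequest();
            int disposition = certRequest.Submit(Constants.CR_IN_ENCODEANY, request, "", CAConfig);

            // Submit returns the request disposition. Only an issued request
            // has a certificate to fetch; denied, pending and error outcomes
            // are reported explicitly instead of falling through to
            // GetCertificate.
            if (disposition != Constants.CR_DISP_ISSUED)
            {
                result.Data = new { certificate = (string)null, error = "The certificate request was not issued." };
                return result;
            }

            string certificate = certRequest.GetCertificate(Constants.CR_OUT_BASE64);
            result.Data = new { certificate = certificate };
            return result;
        }
    }
}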
Related topics
- System.Security.Cryptography.X509Certificates
- System.Web.Mvc
- CertificateEnrollmentManager
- PasswordVault
- Working with certificates
- Creating a Windows Store app for banking
- Create a Windows Store app for banking: resources
Build date: 10/26/2012