
How to use certificates?

znmaster - 10 Oct 2004 15:08 GMT
Certificates are often used to encrypt or sign SOAP messages in WSE2. I can't
understand the usage of certificates in WSE2 samples. The WSE2 SDK provides
three certificates: Client Private.pfx, Server Private.pfx and Server
Public.cer. Server Public.cer doesn't have a private key. I don't know in
which situations they are used and their differences. What kind of
certificates don't have private keys?
   When A sends a message to B, A signs the message with his own private
key, and encrypts it with B's public key. When B receives the message, B
should verify the signature with A's public key and decrypt the message
with his own private key. In such a situation, what kinds of certificates
should be used? And how can they get the key from the certificate?
  I hope you can help me! Thank you very much!!
Hervey Wilson [MSFT] - 11 Oct 2004 00:49 GMT
> Certificates are often used to encrypt or sign SOAP messages in WSE2. I can't
> understand the usage of certificates in WSE2 samples. The WSE2 SDK provides
> three certificates: Client Private.pfx, Server Private.pfx and Server
> Public.cer. Server Public.cer doesn't have a private key. I don't know in
> which situations they are used and their differences. What kind of
> certificates don't have private keys?

Client Private is a file that contains both a certificate and the
private key for that certificate. It is for use by the client and is
typically imported into the CurrentUser\Personal certificate store.

Server Private is a file that contains both a certificate and the
private key for that certificate. It is for use by the server and is
typically imported into the LocalMachine\Personal certificate store.

Server Public is a file that contains *only* the server's certificate, no
private key. This is used by the client to encrypt messages to the server.

>     When A sends a message to B, A signs the message with his own private
> key, and encrypts it with B's public key. When B receives the message, B
> should verify the signature with A's public key and decrypt the message
> with his own private key. In such a situation, what kinds of certificates
> should be used? And how can they get the key from the certificate?

See above. Certificates themselves do *not* contain private key
information, only public key information. This is why it is safe to
share your certificate with someone else. Private keys for certificates
are stored separately and Windows maintains a relationship between each
certificate and its private key (if you have the private key installed).

Signature

This posting is provided "AS IS", with no warranties, and confers no rights.
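
The file roles described in the reply above, together with the sign/encrypt flow from the original question, as an added example that is not part of the thread or of the WSE2 SDK. It assumes a current Windows PowerShell with the PKI module (`New-SelfSignedCertificate` rather than makecert) and plain .NET RSA calls rather than WSE; the subject names, file names and password are constructed.

```powershell
# Added example. Subject names, file names and the password are constructed.
$ext      = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]
$certType = [System.Security.Cryptography.X509Certificates.X509Certificate2]
$oaep     = [System.Security.Cryptography.RSAEncryptionPadding]::OaepSHA256
$sha      = [System.Security.Cryptography.HashAlgorithmName]::SHA256
$pss      = [System.Security.Cryptography.RSASignaturePadding]::Pss
$pw       = ConvertTo-SecureString 'test-only-password' -AsPlainText -Force
$opts = @{
    CertStoreLocation = 'Cert:\CurrentUser\My'   # CurrentUser\Personal
    Provider          = 'Microsoft Software Key Storage Provider'
    KeyExportPolicy   = 'Exportable'
    KeyUsageProperty  = 'All'
}

# Throwaway self-signed test certificates. Windows keeps each private key in the
# user's key store and links it to the certificate placed in CurrentUser\Personal.
$client = New-SelfSignedCertificate -Subject 'CN=Example Client' @opts
$server = New-SelfSignedCertificate -Subject 'CN=Example Server' @opts

# .pfx = certificate + private key (stays with its owner).
# .cer = certificate only (what you hand to the other party).
$pfx       = Join-Path $env:TEMP 'ExampleServerPrivate.pfx'
$serverCer = Join-Path $env:TEMP 'ExampleServerPublic.cer'
$clientCer = Join-Path $env:TEMP 'ExampleClientPublic.cer'
Export-PfxCertificate -Cert $server -FilePath $pfx -Password $pw | Out-Null
Export-Certificate -Cert $server -FilePath $serverCer -Type CERT | Out-Null
Export-Certificate -Cert $client -FilePath $clientCer -Type CERT | Out-Null

# Each side loads the other side's .cer: public key only.
$serverPub = $certType::new($serverCer)
$clientPub = $certType::new($clientCer)
"Server cert in store has private key: $($server.HasPrivateKey)"
"Server Public .cer has private key:   $($serverPub.HasPrivateKey)"

# A (client) signs with its own private key and encrypts with B's (server's) public key.
# Direct RSA only fits a short message; it is used here just to show the key roles.
$msg    = [Text.Encoding]::UTF8.GetBytes('constructed test message')
$sig    = $ext::GetRSAPrivateKey($client).SignData($msg, $sha, $pss)
$cipher = $ext::GetRSAPublicKey($serverPub).Encrypt($msg, $oaep)

# B decrypts with its own private key and verifies with A's public key.
$plain = $ext::GetRSAPrivateKey($server).Decrypt($cipher, $oaep)
$valid = $ext::GetRSAPublicKey($clientPub).VerifyData($plain, $sig, $sha, $pss)
"Decrypted: $([Text.Encoding]::UTF8.GetString($plain)); signature valid: $valid"

# Clean up the test certificates (with their keys) and the exported files.
$client, $server | ForEach-Object { Remove-Item "Cert:\CurrentUser\My\$($_.Thumbprint)" -DeleteKey }
Remove-Item $pfx, $serverCer, $clientCer
```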

Tareq Muhammad - 09 Dec 2004 07:59 GMT
That is great Hervey,
but I want to create my own cert for testing.
How could I separate the public part of the certificate using makecert?
And when I am issued a cert from VeriSign, would they give me the public part as
a separate file?

> > Certificates are often used to encrypt or sign SOAP messages in WSE2. I can't
> > understand the usage of certificates in WSE2 samples. The WSE2 SDK provides
[quoted text clipped - 25 lines]
> are stored separately and Windows maintains a relationship between each
> certificate and its private key (if you have the private key installed).
Tareq Muhammad - 09 Dec 2004 08:15 GMT
Another question: should the server know the client public key?
I expect that the server will know the client public key, and the server will use it to
send a response to the client, right?

> > Certificates are often used to encrypt or sign SOAP messages in WSE2. I can't
> > understand the usage of certificates in WSE2 samples. The WSE2 SDK provides
[quoted text clipped - 25 lines]
> are stored separately and Windows maintains a relationship between each
> certificate and its private key (if you have the private key installed).
Martin Kulov - 09 Dec 2004 13:35 GMT
That's right.

Regards,

Martin Kulov
http://www.codeattest.com

MCAD Charter Member
MCSD.NET Early Achiever
MCSD
Tareq Muhammad - 09 Dec 2004 13:49 GMT
So, how does the server know the client public key? Will WSE policy read it
automatically?

> That's right.
>
[quoted text clipped - 6 lines]
> MCSD.NET Early Achiever
> MCSD
sabs - 21 Dec 2004 16:19 GMT
Quick question to the experts: how do I send the client (my machine)
public certificate to the remote server? I tried using the 'Export'
option in the MMC and it generated a .cer file. Is this the file which
I have to send across to him?

Thanks
Tareq Muhammad - 21 Dec 2004 17:49 GMT
I'm not sure,
but I think it is sent to the client automatically in the case of SSL?

> Quick question to the experts: how do I send the client (my machine)
> public certificate to the remote server? I tried using the 'Export'
> option in the MMC and it generated a .cer file. Is this the file which
> I have to send across to him?
>
> Thanks
Martin Kulov - 21 Dec 2004 19:10 GMT
Hi sabs,

Yes, you must send him the .cer file and he must add it to his certificate store.

Regards,

Martin Kulov
http://www.codeattest.com

MCAD Charter Member
MCSD.NET Early Achiever
MCSD
Tareq Muhammad - 22 Dec 2004 09:32 GMT
Great.
But when we browse sites that have SSL, we don't install the .cer file.

> Hi sabs,
>
[quoted text clipped - 8 lines]
> MCSD.NET Early Achiever
> MCSD
sabs - 22 Dec 2004 13:48 GMT
Thanks Martin.
