dcsimg
www.webdeveloper.com
Results 1 to 9 of 9

Thread: Digital Certificate Login

Hybrid View

  1. #1
    Join Date
    Jun 2011
    Posts
    4

    Digital Certificate Login

    Hi everyone!

    I need to discover the technology that was used in the web site below to implement the digital certificate login:



    https://www.fazenda.sp.gov.br/DEC/UCLogin/login.aspx

    (on the site, click the digital certificate image then the site authenticates you using your plugged in smart card or cipher token)

    I presume it is not CAPICOM, since I don't have it installed and I were able to try the login...

    Could anyone, please give me a clue? Basically, it is web application that access the digital certificate store... Anyone knows how to do it?


    Thanxs in advance!

  2. #2
    Join Date
    Jan 2003
    Location
    Dundee, Scotland
    Posts
    1,367
    Hi,

    I can't understand the site but I think I get what your looking for. I don't know of out of the box solution but then I've not googled it. I asume your planning to build it yourself then?

    Not sure what type of device your cipher toekn is but bellow is a link to integrating a smart card to your program.

    http://www.codeproject.com/KB/smart/smartcardapi.aspx

    I guess they encrypt a file on your device when you register, then decrypt and read that file to validate you when you click the image.

    regards

    Ribs

  3. #3
    Join Date
    Jun 2011
    Posts
    4

    Digital Certificate Login

    Thanks for the answer Ribeyed!

    Since you pointed this API, I've read about it and i think it seems to work for a lower level solution... Maybe there is a solution that uses this API to deliver more abstract functions, the ones that I need... (sorry for the bad english )

    Let me explain better..

    I'm using this code inside a console application to read my digital certificate (smart card)

    public static X509Certificate2 GetCertificate()
    {


    X509Store st = new X509Store(StoreName.My, StoreLocation.LocalMachine);
    st.Open(OpenFlags.ReadOnly);
    X509Certificate2Collection col = st.Certificates;
    X509Certificate2 card = null;
    X509Certificate2Collection sel = X509Certificate2UI.SelectFromCollection(col, "Certificates", "Select one to sign", X509SelectionFlag.SingleSelection);
    if (sel.Count > 0)
    {
    X509Certificate2Enumerator en = sel.GetEnumerator();
    en.MoveNext();
    card = en.Current;
    }
    st.Close();
    return card;
    }


    This code works fine in the case of console applications... But what I need is to use it inside a .NET Web Application, what means that this code should ask for the digital certificate of the client, and after some googling, I got the conclusion that this library doesn´t apply to such scenario (client server architecture)...

    If I execute this code I get a exception thrown by the method X509Certificate2UI.SelectFromCollection. (session is not interactive)

    So, I found this similar web site (the one from the link above) which ask for a digital certificate, exactly the way I wan't (it seems to look at the certificate store of Windows)... Then I thought maybe someone knows the technology applyed there...

    Any other clues? (other than CAPICOM + javascript)?

    Thanx so much!

    Quote Originally Posted by Ribeyed View Post
    Hi,

    I can't understand the site but I think I get what your looking for. I don't know of out of the box solution but then I've not googled it. I asume your planning to build it yourself then?

    Not sure what type of device your cipher toekn is but bellow is a link to integrating a smart card to your program.

    http://www.codeproject.com/KB/smart/smartcardapi.aspx

    I guess they encrypt a file on your device when you register, then decrypt and read that file to validate you when you click the image.

    regards

    Ribs

  4. #4
    Join Date
    Aug 2014
    Posts
    1

    X509 Certificate error

    Hello sir

    I a facing same problem as you.

    Please can you share me your code to resolve this problem if you can???

    i required it very urgently.


    Please reply me on lokesh.snghl@gmail.com as well as here.

    I will be very thankful your

    Quote Originally Posted by gustavoaspnet View Post
    Thanks for the answer Ribeyed!

    Since you pointed this API, I've read about it and i think it seems to work for a lower level solution... Maybe there is a solution that uses this API to deliver more abstract functions, the ones that I need... (sorry for the bad english )

    Let me explain better..

    I'm using this code inside a console application to read my digital certificate (smart card)

    public static X509Certificate2 GetCertificate()
    {


    X509Store st = new X509Store(StoreName.My, StoreLocation.LocalMachine);
    st.Open(OpenFlags.ReadOnly);
    X509Certificate2Collection col = st.Certificates;
    X509Certificate2 card = null;
    X509Certificate2Collection sel = X509Certificate2UI.SelectFromCollection(col, "Certificates", "Select one to sign", X509SelectionFlag.SingleSelection);
    if (sel.Count > 0)
    {
    X509Certificate2Enumerator en = sel.GetEnumerator();
    en.MoveNext();
    card = en.Current;
    }
    st.Close();
    return card;
    }


    This code works fine in the case of console applications... But what I need is to use it inside a .NET Web Application, what means that this code should ask for the digital certificate of the client, and after some googling, I got the conclusion that this library doesn´t apply to such scenario (client server architecture)...

    If I execute this code I get a exception thrown by the method X509Certificate2UI.SelectFromCollection. (session is not interactive)

    So, I found this similar web site (the one from the link above) which ask for a digital certificate, exactly the way I wan't (it seems to look at the certificate store of Windows)... Then I thought maybe someone knows the technology applyed there...

    Any other clues? (other than CAPICOM + javascript)?

    Thanx so much!

  5. #5
    Join Date
    Sep 2013
    Posts
    1
    Olá Gustavo

    Você consegui implementar essa solução para login a partir de um certificado digital, como na página da Fazenda? Em caso positivo, poderia me enviar um exemplo, ou uma sugestão de modelo?

    Qualquer ajuda é bem-vinda.:-)

    Um abraço.

    Homero

    ______________
    Hello Gustavo

    You could implement this solution to login from a digital certificate, such as the page's Fazenda? If so, could you send me an example or a hint?

    Any help is welcome. :-)

    Tanks.

    Homero

  6. #6
    Join Date
    Jan 2003
    Location
    Dundee, Scotland
    Posts
    1,367
    Hi,

    Have a look over this article http://securitythroughabsurdity.com/...ntication.html its Implementing Smart Card Authentication with ASP.NET - Introduction, maybe be closer to what your needing. I think the above would be for a win forms app.

    regards


    Ribs

  7. #7
    Join Date
    Jun 2011
    Posts
    4
    That's what I'm talking about, Ribeyed, thanks very much!

    Did a first successful test, now i'll look for crl/ocsp...

    thanx again



    Quote Originally Posted by Ribeyed View Post
    Hi,

    Have a look over this article http://securitythroughabsurdity.com/...ntication.html its Implementing Smart Card Authentication with ASP.NET - Introduction, maybe be closer to what your needing. I think the above would be for a win forms app.

    regards


    Ribs

  8. #8
    Join Date
    Jan 2003
    Location
    Dundee, Scotland
    Posts
    1,367
    Hi,

    no worries here is a solution for c#.net using ocsp verification:

    http://bouncy-castle.1462172.n4.nabb...td3160243.html

    give that try

    P.s

    Since posting I had a look at that forum its very interesting for this sort of thing. Maybe a look through there you will find all you answers.

    http://bouncy-castle.1462172.n4.nabble.com/

    regards

    Ribs
    Last edited by Ribeyed; 07-04-2011 at 05:51 AM.

  9. #9
    Join Date
    Jun 2011
    Posts
    4
    Thanks again Ribeyed! I'll try the code then I post a feedback here... (and probably more questions... )


    Quote Originally Posted by Ribeyed View Post
    Hi,

    no worries here is a solution for c#.net using ocsp verification:

    http://bouncy-castle.1462172.n4.nabb...td3160243.html

    give that try

    P.s

    Since posting I had a look at that forum its very interesting for this sort of thing. Maybe a look through there you will find all you answers.

    http://bouncy-castle.1462172.n4.nabble.com/

    regards

    Ribs

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  
HTML5 Development Center



Recent Articles