Add certificate on request with RestSharp

dpfauwadel picture dpfauwadel · Mar 2, 2018 · Viewed 10.1k times · Source

I'm trying to communicate with a server. This server send me a certificate and a private key in order to execute my request successfully.

To test the server, I use Postman. So I fill the certificate setting in postman, and my request works fine

Postman settings for certificates

Now I want to do the same in C#.

For that I use RestSharp in order to create the request.

Here is my code

 var client = new RestClient(url);

 byte[] certBuffer = UtilsService.GetBytesFromPEM(myCertificate, Models.Enum.PemStringType.Certificate);
 byte[] keyBuffer = UtilsService.GetBytesFromPEM(encryptedPrivateKey, Models.Enum.PemStringType.RsaPrivateKey);

 X509Certificate2 certificate = new X509Certificate2(certBuffer, secret);
 client.ClientCertificates = new X509CertificateCollection() { certificate };
 var request = new RestRequest(Method.POST);
 request.AddHeader("Cache-Control", "no-cache");
 request.AddHeader("Accept", "application/json");
 request.AddHeader("Content-Type", "application/json");
 request.AddParameter("myStuff", ParameterType.RequestBody);
 IRestResponse response = client.Execute(request);

The request doesn't work. I think the problem is from how I load the certificate in RestSharp.

I'm looking for information how to set correctly the certificate in RestSharp.

I'm using RestSharp, but I could be anything else that can work in C#

Answer

dpfauwadel picture dpfauwadel · Apr 25, 2018

Ok, I got the solution.

First of all, I had to stop using the .crt and the .key for the certificate. I have to get a .pfx. This can be done with openssl command (openssl documentation)

openssl pkcs12 -export -out certificate.pfx -inkey privateKey.key -in certificate.crt -certfile CACert.crt

After creating the certificate, just add it to the request like this

var client = new RestClient(url);

ServicePointManager.Expect100Continue = true;
ServicePointManager.DefaultConnectionLimit = 9999;
ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls | SecurityProtocolType.Tls11 | SecurityProtocolType.Tls12 | SecurityProtocolType.Ssl3;

var certFile = Path.Combine(certificateFolder, "certificate.pfx");
X509Certificate2 certificate = new X509Certificate2(certFile, onboard.authentication.secret);
client.ClientCertificates = new X509CertificateCollection() { certificate };
client.Proxy = new WebProxy();
var restrequest = new RestRequest(Method.POST);
restrequest.AddHeader("Cache-Control", "no-cache");
restrequest.AddHeader("Accept", "application/json");
restrequest.AddHeader("Content-Type", "application/json");
restrequest.AddParameter("myStuff", ParameterType.RequestBody);
IRestResponse response = client.Execute(restrequest);