Using System.Net.WebClient with HTTPS certificate

Question

In my C# Windows client, I have a POST submission to \"the mothership\". I want the data in the submits to be secured, of course, so I paid for HostGator to issue me an SSL cert

Answer 1

Client certificates will work only if the private key is available. This is not generally the case when using .cer files since the X.509 certificate does not include the private key.

The only safe way to ensure the private key is available is to load the certificate from a PKCS#12 file where both the certificate(s) and the private key are available (i.e. both were exported into the .pfx file).

Notes:

• I said generally because Windows/CryptoAPI sometimes does some magic (when used with X509Certificate) and automatically associate a certificate with a private key from the certificate.key stores.

• I said safe because that will work on Mono too, not just MS .NET.