Closed nologinatgit closed 5 years ago
I am looking into a similar implementation. I need to authenticate multiple clients. What I am trying to do is this:

```json
"AuthorizedCertficatesAndRoles": {
  "CertificateAndRoles": [
    {
      "Subject": "CN=client1.localhost",
      "Issuer": "CN=client1.localhost",
      "Roles": [ "Client" ]
    },
    {
      "Subject": "CN=client10.localhost",
      "Issuer": "CN=client10.localhost",
      "Roles": [ "Client" ]
    },
    {
      "Subject": "CN=client2.localhost",
      "Issuer": "CN=client2.localhost",
      "Roles": [ "User" ]
    },
    {
      "Subject": "CN=client3.localhost",
      "Issuer": "CN=client3.localhost",
      "Roles": [ "Admin" ]
    }
  ]
},
```
The documentation is not very clear on how to implement client certificates. The script provided does not work.
I found a useful article here http://www.digitallycreated.net/Blog/38/using-makecert-to-create-certificates-for-development on how to create a local certificate for testing.
When you constrain the method to authenticate the certificate with `[Authorize(Policy = "MyRole")]`, the `CertificateAuthenticationHandler` class is never called and `var certificate = Context.Connection.ClientCertificate;` is null.
If the certificate is not getting passed, there is probably something wrong with your project configuration. In the included sample, if you add more Roles with different certificates, it should work. Just don't use IIS Express as the host. Use the demo exe itself as the host.
I intend to create Mutual SSL authentication between an ASP.NET Core server (running as a self-hosted service) and a mobile client. According to this article, it can be done by a 12-step process.
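
An added example, not from the project's sample or from any commenter in this thread: a self-hosted Kestrel server that requests the client certificate during the TLS handshake, which is what populates `Context.Connection.ClientCertificate`, and maps it to the roles from the configuration posted above. It assumes .NET 6 or later with the Web SDK and a server certificate configured elsewhere; the thumbprints are placeholders, and `allowed`, `TryGetRoles` and `/whoami` are illustrative names.

```csharp
using System;
using System.Collections.Generic;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.AspNetCore.Server.Kestrel.Https;

// Subjects and roles come from the configuration posted in the thread.
// Thumbprints are placeholders: replace them with those of your own test certificates.
// Subject and Issuer are strings chosen by whoever generates a self-signed
// certificate, so the lookup is keyed on the thumbprint and the subject is a second check.
var allowed = new Dictionary<string, (string Subject, string[] Roles)>(StringComparer.OrdinalIgnoreCase)
{
    ["<THUMBPRINT-OF-CLIENT1-CERT>"] = ("CN=client1.localhost", new[] { "Client" }),
    ["<THUMBPRINT-OF-CLIENT3-CERT>"] = ("CN=client3.localhost", new[] { "Admin" }),
};

bool TryGetRoles(string thumbprint, string subject, out string[] roles)
{
    roles = Array.Empty<string>();
    if (!allowed.TryGetValue(thumbprint, out var entry) || entry.Subject != subject)
        return false;
    roles = entry.Roles;
    return true;
}

var builder = WebApplication.CreateBuilder(args);
builder.WebHost.ConfigureKestrel(k => k.ConfigureHttpsDefaults(https =>
{
    // Kestrel's default is NoCertificate: the client is never asked for one
    // and ClientCertificate stays null for every request.
    https.ClientCertificateMode = ClientCertificateMode.RequireCertificate;
    // Setting this callback replaces the default chain check, which self-signed
    // test certificates fail; the handshake is accepted only for pinned certificates.
    https.ClientCertificateValidation = (cert, chain, errors) =>
        TryGetRoles(cert.Thumbprint, cert.Subject, out _);
}));

var app = builder.Build();
app.MapGet("/whoami", (HttpContext ctx) =>
{
    var cert = ctx.Connection.ClientCertificate;
    return cert is not null && TryGetRoles(cert.Thumbprint, cert.Subject, out var roles)
        ? Results.Ok(new { cert.Subject, Roles = roles })
        : Results.Unauthorized();
});
app.Run();
```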