xavierjohn / ClientCertificateMiddleware

Asp.net core Client Certificate Middleware
MIT License

How to create a Mutual SSL authentication with a mobile client #7

Closed nologinatgit closed 5 years ago

nologinatgit commented 6 years ago

I intend to create a Mutual SSL authentication between an ASP.NET Core server (running as a self-hosted service) and a mobile client. According to this article, it can be done by a 12-step process.

  1. Can I establish the same with your library?
  2. Can I distribute the client certificate to the client in an easy way?
  3. Can you elaborate in the Readme about how to run and configure your middleware library to establish a working example? The demo itself does not explain a lot of the architecture.

ronanjordan commented 5 years ago

I am looking into a similar implementation. I need to authenticate multiple clients. What I am trying to do is this:

```json
"AuthorizedCertficatesAndRoles": {
  "CertificateAndRoles": [
    {
      "Subject": "CN=client1.localhost",
      "Issuer": "CN=client1.localhost",
      "Roles": [ "Client" ]
    },
    {
      "Subject": "CN=client10.localhost",
      "Issuer": "CN=client10.localhost",
      "Roles": [ "Client" ]
    },
    {
      "Subject": "CN=client2.localhost",
      "Issuer": "CN=client2.localhost",
      "Roles": [ "User" ]
    },
    {
      "Subject": "CN=client3.localhost",
      "Issuer": "CN=client3.localhost",
      "Roles": [ "Admin" ]
    }
  ]
},
```

The documentation is not very clear on how to implement client certificates. The script provided does not work.

I found a useful article here http://www.digitallycreated.net/Blog/38/using-makecert-to-create-certificates-for-development on how to create a local certificate for testing. When you constrain the method to authenticate the certificate with `[Authorize(Policy = "MyRole")]`, the `CertificateAuthenticationHandler` class is never called and `var certificate = Context.Connection.ClientCertificate;` is null.

xavierjohn commented 5 years ago

If the certificate is not getting passed, there is probably something wrong with your project configuration. In the included sample, if you add more Roles with different certificates, it should work. Just don't use IIS Express as the host. Use the demo exe itself as the host.
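
Added example, not part of the thread or of the ClientCertificateMiddleware project: a Kestrel-hosted app that requests the client certificate during the TLS handshake, so that `Connection.ClientCertificate` is populated, and maps its Subject and Issuer to roles in the shape of the configuration quoted above. It assumes .NET 6 or later with the Web SDK's implicit usings; `CertEntry`, `RolesFor` and the `/whoami` route are hypothetical names.

```csharp
using System.Security.Cryptography.X509Certificates;
using Microsoft.AspNetCore.Server.Kestrel.Https;

// Constructed sample entries mirroring two items of the configuration in the thread.
var authorized = new[]
{
    new CertEntry("CN=client1.localhost", "CN=client1.localhost", new[] { "Client" }),
    new CertEntry("CN=client3.localhost", "CN=client3.localhost", new[] { "Admin" }),
};

var builder = WebApplication.CreateBuilder(args);
builder.WebHost.ConfigureKestrel(kestrel => kestrel.ConfigureHttpsDefaults(https =>
{
    // Without this setting Kestrel never asks for a certificate and
    // Connection.ClientCertificate stays null in every handler.
    https.ClientCertificateMode = ClientCertificateMode.RequireCertificate;
    // No ClientCertificateValidation callback is set, so Kestrel rejects
    // certificates that fail chain validation. Self-signed test certificates
    // must therefore be trusted on the server machine.
}));

var app = builder.Build();

app.MapGet("/whoami", (HttpContext ctx) =>
{
    X509Certificate2? cert = ctx.Connection.ClientCertificate;
    if (cert is null) return Results.Unauthorized();

    // Name matching is only meaningful because the chain was already validated
    // during the handshake; anyone can mint a self-signed "CN=client1.localhost".
    string[] roles = RolesFor(cert.Subject, cert.Issuer, authorized);
    return roles.Length == 0
        ? Results.StatusCode(StatusCodes.Status403Forbidden)
        : Results.Ok(new { cert.Subject, cert.Thumbprint, Roles = roles });
});

app.Run();

// Returns the roles of every entry whose Subject and Issuer both match exactly.
static string[] RolesFor(string subject, string issuer, CertEntry[] entries) =>
    entries.Where(e => string.Equals(e.Subject, subject, StringComparison.Ordinal)
                    && string.Equals(e.Issuer, issuer, StringComparison.Ordinal))
           .SelectMany(e => e.Roles).Distinct().ToArray();

record CertEntry(string Subject, string Issuer, string[] Roles);
```

Run it as the self-hosted executable, as the reply above advises, rather than behind IIS Express.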