Client side certificate with strong key protection and WebServices

When you are writing application to run as service or middle tier, which is using client certificates. You should not enable strong key protection during certificate installation.

Strong key protection is the way you are informing the system that whenever someone want to use this protected resource (client certifcate) then prompt me for the permission. In middle tier environment you really do not want this prompt, you really want to run your application unattended. In fact with .Net frameworks 1.1, SP1 you won’t be able to use the certificate with strong key protection.

Check the posting from Kevin W. Hammond about his experience on this issue


This posting is provided “AS IS” with no warranties, and confers no rights


Comments (5)

  1. Overdrive says:

    But what can I do to connect to a SSL server with client certificates if i run the code in a w2000 with framework 1.1?

    Ok, I create a pfx file with the private key and not enable strong key protection?

    But how I read the file if the X509Certificate.CreateFromSignedFile function didn´t have a password parameter?

    It works with pfx files?