I am using 127.0.0.1 as host address here, but in real life you probably would use a domain name and not an IP address.
Remember that the certificate has been issued for that particular name (for example localhost and not 127.0.0.1). NET Web API service using your web browser you will see 403 error, this is because the application requires client to present a SSL certificate and the browser does not have one.
Open IIS Manager and go to Server Certificates panel. Go to Project properties and make sure you use IIS as server (not IIS Express), also use https:// instead of for Project Url option, create virtual directory if necessary.
After you do this go back to IIS Manager and under SSL Settings for a newly create virtual directory check 'Require SSL' and 'Require client certificates'.
NET Web API application and how to use delegating handlers to provide custom logic that handles certificates and allows to introduce arbitrary authentication mechanism (eg. I will also show how to import client certificates into XAML Windows Store app and how to use it to authenticate to a HTTP service.
You can skip next step if you already have certificates and do not need to create self-signed surrogates.
makecert -r -pe -n "CN=Awesome CA" -ss CA -a sha1 -sky signature -cy authority -sv Awesome Awesome makecert -pe -n "CN=127.0.0.1" -a sha1 -sky exchange -eku 188.8.131.52.184.108.40.206.1 -ic Awesome -iv Awesome -sp "Microsoft RSA SChannel Cryptographic Provider" -sy 12 -sv Local Local pvk2pfx -pvk Local -spc Local -pfx Local After running these commands and entering password for several times, you should end up with a couple of certificate files.
Now you will need to tell your computer to trust the newly created CA (it is generally a good idea to remove that trust after you are finished with testing).
The following are the benefits for using this approach. The Configure OAuth method will be called inside the Configuration method of the OWIN startup class.
This is an xml file so you can either edit the source directly or use the designer that ships with VS 2012.
Copy over CA file to the project folder and add it to Certificates declaration, use "Root" as store name. Encode To Base64String(buffer); await Certificate Enrollment Manager. None, "Client certificate"); Http Client Handler message Handler = new Http Client Handler(); message Handler. NET Web API specific and would have really worked in any ASP. It is also pretty basic, without any logic to really extend certificate validation or provide any kind of certificate-to-user mapping.
To do that start as an Administrator Add/Remove Snap-In (Ctrl M), and when prompted with certificate store option choose Under Certificates (Local Computer) choose All Tasks and Import Awesome Then under Default Web Site go to Bindings and make sure that the https binding is properly set up (if it doesn't exist, create it) and that newly created certificate is mapped to that binding. NET Web API application - the template provides Values Controller by default.
It should become visible in the list along other Trusted Root CAs. I am using Windows 8 that runs IIS 8, but instructions for 7/7.5 should be very similar/the same. Make sure that the user that you are running Visual Studio as has sufficient permissions to create new virtual directories in IIS.