HttpWebRequest and SSL

Hot Topic

Graphics software development
SSL on TCP Socket, how in .NET 1.1?
Pass object by Ref
Discard changes made to datatable columns of a Dataset?
Passing excel and word files to web services.
DataTable.CaseSensitivity affect on relational selects
,net Validator Controls are not functioning
Call center application(asp.net,sqlserver C# )
How to fill a textbox in a website application in VS 2005
Transform an ArrayList to a generic List

.NET Development

Creating a new table in SQL Server from ADO.NET DataTable
How to delete files that begin with the ~ character
Pretty XML? should be easy can't find how!
too many different in VS 2005
Passing a ascii byte array as System.String to a COM BSTR param
Windows Vista @ebay
Member of Group
getting an array back from a sp
URGENT....Reading an XML stream from a web service...
Syntax of DataTable.Select()

HttpWebRequest and SSL

I need to communicate with a web server using https just as a browser would.  What steps are necessary to achieve this using HttpWebRequest, is it as simple as the URI beginning with 'https://' or do I need to supply some credentials of some kind   I dont have a certificate myself (the server does) so I wont be using client authentication but I assume this is how browsers operate.  Will data be encrypted in both directions using https

Also, is there a simple way to check that information is being sent encrypted   I'd like to double check that the encryption is happening OK before I start sending credit card details over the wire.

Thanks in advance.

Colin

Answer this question

HttpWebRequest and SSL

  • jrmartinez

    Thanks for the reply Durgaprasad.  I've since run a network sniffer and satisfied myself that data is being encrypted.  To be honest I'm amazed that doing something like this is so simple from the developer's point of view, hats off to MS on that one

  • DGVA

    1. You don't need a client cert if you are not using client certs to authenticate to the server as to who the client is
    2. You don't need any other credentials unless the server is demanding them after SSL connection is established which is not unusual
    3. You do need to have the certificate root's certificate on your machine. This is to make sure that who ever issued the cert to the server is trusted on the client.
    Typically the verisign, etc are already trusted and their root CA certs should be there. Otherwise you need to explicitly install the cert (ROOT CA) on your machine.
    one way to check is to make sure that the IE works fine and then proceed
    4. Data will be encrypted on both directions
    5. One way to check is to capture the network minitor's capture file
    The other way is to get a system.net trace
    Guidance for both are in my blog
    http://blogs.msdn.com/dgorti


  • atmuc

    Thanks.
    I am glad it worked for you

  • rickywong

    I have the same question. I need to send a request to a payment gateway to authorize a payment. I am just using the HttpWebRequest class and createing a uri with "https://". Do I need to do anything else to send the data encrypted If no, who takes care of the encryption

    I have windows xp, so cannot install the Network Monitor, is there any other way I can sniff the web request sent using HttpWebRequest class

    Thanks in advance.
  • HttpWebRequest and SSL
Answer this question