Is there a "black box" method available to an ASP.NET web application to retrieve the SSL certificate of the server on which it is running?

Asked Nov 27 '21 at 14:05

Active Nov 27 '21 at 18:33

Viewed 21 times

Is there a "black box" method available to an ASP.NET web app to retrieve the SSL certificate of the ASP.NET server on which it is running, a method that assumes no particular knowledge on the part of the application, something like "Get the certificate that is protecting me now?" Or does the ASP.NET web application have to know a relevant value to use as search term and supply it to the X509Store.Certificates.Find() method?

P.S. Is it possible for the web app to use something like what is described in the accepted answer here? I don't see "ServicePoint" on the Request in the web app's IHttpHandler.

edited Nov 27 '21 at 18:33

asked Nov 27 '21 at 14:05

Tim

8,669
31
105
183

1

There certainly can't be one that works in all cases. For example, if the app is behind an "SSL terminating" load balancer then there may be nothing at all locally that looks like the cert the client sees. For two TLS connections (client<->balancer, balancer<->app instance) you'd probably only see the "inside" cert, which may or may not be what you want. – bartonjs Nov 29 '21 at 17:34
Thanks for that clarification. I haven't had to deal with those complexities. – Tim Nov 29 '21 at 21:38

Is there a "black box" method available to an ASP.NET web application to retrieve the SSL certificate of the server on which it is running?

0 Answers0