-
-
Notifications
You must be signed in to change notification settings - Fork 128
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Cert Authentication .Net Framework 4.6 Not Working with WebRequestHandler #197
Comments
thanks @amoberoi I'll make the proper fix and release a new version in the coming days. (less than 7) The HttpHandler and proxy possibilities are so diverse in .NET with 4.5, 4.6, .Net Standard etc. that I have a couple of delegates that allow 100% customization (including renewal) of the handler and even the http client if needed. So, you can get unblocked as follows: var vaultClientSettings = new VaultClientSettings(vaultUrl, authMethod);
// change the original handler to the one you need.
vaultClientSettings.PostProcessHttpClientHandlerAction = (HttpClientHandler originalHttpClientHandler) =>
{
originalHttpClientHandler = new WinHttpHandler();
originalHttpClientHandler.ClientCertificates.Add(clientcertificate);
};
IVaultClient _vaultClient = new VaultClient(vaultClientSettings); The above snippet ensures you can still use the official nuget package for VaultSharp and proceed. I'll make the changes in the coming days. Let me know if any issues. |
Thanks rajanadar, but assignment of winHttpHandler to HttpClientHandler is not working since casting is not allowed. "Cannot implicitly convert type "System.Net.Http.WinHttpHandler" to "System.Net.Http.HttpClientHander", so I did the temporary fixes in Polymath.cs and added block of #NET46 to instantiate WinHttpHandler for cert based authentication. Once you will share the updated package we will switch on that. Thanks. |
Got it. @amoberoi Cool. I incorporated your suggestion. Also, took the opportunity to make VaultSharp 4.6.x, 4.7.x, 4.8 and .NET 5. compatible. Please let me know if any issues. |
Thanks. It works now. |
Describe the bug
Not able to pass client certificate with WebRequestHandler
VaultSharp Version
The version of VaultSharp package being used 1.6.2.5
Vault Version
The version of Vault server being used Vault v0.11.1
Does this work with Vault CLI?
Yes
Sample Code Snippet
Install NuGet package System.Net.Http.WinHttpHandler
Replace var handler = new WebRequestHandler(); with var handler = new WinHttpHandler(); since WinHttpHandler is working fine and able to pass client cert to Vault and get the kv from vault.
Do other fixes in Polymath.cs file to fix for WinHttpHandler implementation.
Sample cert Code
string vaultUrl = "xxxx";
string certificateThumbprint = "xxxxx";
string secretPath = "xxxxxx";
var clientcertificate = GetCertificate(certificateThumbprint);
IAuthMethodInfo authMethod = new CertAuthMethodInfo(clientcertificate);
var vaultClientSettings = new VaultClientSettings(vaultUrl, authMethod);
IVaultClient _vaultClient = new VaultClient(vaultClientSettings);
Exception Details/Stack Trace/Error Message
Error comes when using WebRequestHandler is "client certificate must be supplied"
Any additional info
Helpful info
The text was updated successfully, but these errors were encountered: