Https Post with .crt and .key

Question

I am sorry if it is duplicate. I see a couple of post over the internet about this topic. But do not get any appropriate solution. I am working at nopcommerce 4.0, which is run on the .net core but the targeted framework is 4.x.x. I am developing a payment plugin which needs secure connection with .crt and .key files. The payment method provider sends a php file which is working as expected. Below is the sample code

function ProcessRequest($curl_post_data,$service_url,$proxy,$proxyauth)
{
$output = '';
$certfile       = '/createorder.crt';
$keyfile        = '/createorder.key';
$cert_password = '';
$ch = curl_init();
curl_setopt( $ch, CURLOPT_URL, $service_url );
curl_setopt( $ch, CURLOPT_RETURNTRANSFER, 1 ); 
curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt( $ch, CURLOPT_SSLCERT, getcwd() . $certfile );
curl_setopt( $ch, CURLOPT_SSLKEY, getcwd() . $keyfile );
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE);
curl_setopt($ch, CURLOPT_POSTFIELDS, $curl_post_data);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, array('Content-Type: application/json'));
$output = curl_exec($ch);
if (curl_error($ch)) {
   echo $error_msg = curl_error($ch);
}
$cblcz = json_decode($output, true );
return $cblcz;
}

$proxy ="";
$proxyauth ="";
$postDatatoken = '{
"password": "123456Aa",
"userName": "test"
}';
$serviceUrltoken ="";
$serviceUrltoken= 'https://sandbox.thecitybank.com:7788/transaction/token';
$cblcz = ProcessRequest($postDatatoken,$serviceUrltoken,$proxy,$proxyauth);

I can not convert this curl to http post. I tried below link

PHP/Curl-SSL operations alternative in C# and others but do not get any work around.

Do not work. For openssl it is throwing dependency are not loaded. Here is my c# code

try
            {
                ServicePointManager.Expect100Continue = true;
                ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls
                       | SecurityProtocolType.Tls11
                       | SecurityProtocolType.Tls12
                       | SecurityProtocolType.Ssl3;

                var certPath = Path.Combine(CommonHelper.MapPath("~/Plugins/Payments.CityBankApi/"), "createorder.crt");
                var keyPath = Path.Combine(CommonHelper.MapPath("~/Plugins/Payments.CityBankApi/"), "createorder.key");


               string certificateText = File.ReadAllText(certPath);
                string privateKeyText = File.ReadAllText(keyPath);

                ICertificateProvider provider = new CertificateFromFileProvider(certificateText, privateKeyText);
                //X509Certificate certificate = provider.Certificate;

                string accessTokenUrl = "https://sandbox.thecitybank.com:7788/transaction/token";

                var requestUrl = new Uri(accessTokenUrl);
                var request = (HttpWebRequest)WebRequest.Create(accessTokenUrl);
                request.ContentType = "application/json";
                request.Method = "POST";

                request.ClientCertificates.Add(provider.Certificate);


                using (var streamWriter = new StreamWriter(request.GetRequestStream()))
                {
                    string json = "{\"userName\":\"test\"," +
                                  "\"password\":\"123456Aa\"}";

                    streamWriter.Write(json);
                    streamWriter.Flush();
                    streamWriter.Close();
                }
                var httpResponse = (HttpWebResponse)request.GetResponse();
                using (var streamReader = new StreamReader(httpResponse.GetResponseStream()))
                {
                    var result = streamReader.ReadToEnd();
                }
            }

            catch (Exception ex)
            {
                throw ex;
            }

Arif · Accepted Answer · 2019-03-06T13:25:01.533

0

Your code seems correct. But make sure you have valid certificate. If the certification is not correct it will through an exception. Check your exception message and try to detect exact error. OR post your error message here.

moreover you should add

request.ServerCertificateValidationCallback = (e,r,c,n) => true;

edited Mar 06 '19 at 13:25

answered Mar 06 '19 at 13:19

Arif

6,094
4
49
81

1

Actually, you are correct the remote certificate was not valid, if we see curl_setopt( $ch, CURLOPT_SSL_VERIFYPEER, false); and curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); lines it is by force false. – sina_Islam Mar 06 '19 at 13:23

Https Post with .crt and .key

1 Answers1