A3 Certificate in ASP.NET MVC and IIS

Navigation
4

I have an ASP.NET MVC4 application and I use the following code to read the user's A3 (reader or pendrive) certificate: 

var store = new X509Store(StoreName.My, StoreLocation.CurrentUser);
  store.Open(OpenFlags.OpenExistingOnly | OpenFlags.MaxAllowed);

  var collection = store.Certificates;
  var fcollection = collection.Find(X509FindType.FindByTimeValid, DateTime.Now, true);
  var scollection = X509Certificate2UI.SelectFromCollection(fcollection, "Certificados válidos:", "Selecione o certificado que deseja usar",
            X509SelectionFlag.SingleSelection);

As I'm debugging (using IISExpress) the code works fine, but when I publish the application to IIS 7.5 (on my local machine) it returns the following error:

  

The current session is not interactive.

Question: Is it possible for IIS to "respect" the above code in the same way IISExpress does?

    
asked by anonymous 30.08.2016 / 16:57

1 answer

1
  

Is it possible to have IIS "respect" the code above in the same way IISExpress does?

No. This is not a problem with IIS. The issue is that you are using an A3 Certificate (therefore a Smart Card) for authentication, or to sign or encrypt an object.

The problem here is that this data extraction is always local, and IIS is only local at the time you are developing it. In this case, it is better to develop Smart Card authentication on your system and use its certificate to perform the operations. This article is kind of long, but it explains all that I've talked about .

Or, if you just want to extract the certificate using your authentication, you can write an ActiveX component (which needs to be installed on the user's machine as well) and have this component send the data to your Web application. a href="https://github.com/ubinity/webpcsc-firebreath"> Here is an implementation . Here's another .

    
30.08.2016 / 17:14
Hook for custom crop in Wordpress Functions of PHP adapted to MySQL