Sunday, October 3, 2010

"Reverse engineering" X.509 certificates

@YaronNaveh

Well, the title makes it sound bigger than it really is.
Sometimes a soap request or response contains an X.509 certificate encoded in base64 string:

<o:BinarySecurityToken wsu:Id=”uuid-a687c39f-f848-481b-8552-35de5b5a4d51-2”>  
MQ+PASL89QWEQW2367ASDDASjn7812ASDDAS781mFSDJK78…
</o:BinarySecurityToken> 

It may be useful to create the actual certificate that this encoded string represents, usually for the purpose of debugging.
This code snippet will do the trick:

byte[] b = Convert.FromBase64String(@"MQ+PASL89QWEQW2367ASDDASjn7812ASDDAS781mFSDJK78...");
File.WriteAllBytes(@"c:\server.cer", b);

now the certificate is ready in the designated path:

@YaronNaveh

What's next? get this blog rss updates or register for mail updates!

0 comments: