This project has moved and is read-only. For the latest updates, please go here.

OWIN Keys ssl.ClientCertificate always null

Sep 19, 2014 at 11:16 PM
I am developing a Web Api in a web role and i want to authenticate the user using X509 certificate.

When i try try to the key "ssl.ClientCertificate" from the owincontext always return null.

I don't know if im missing something or i need to config something.

Thnak You.
Sep 20, 2014 at 12:10 AM
What client are you using?

Does ssl.ClientCertificateErrors say anything?
Sep 20, 2014 at 4:11 AM
Is a windows console the client using HttpClient for the request.

ssl.ClientCertificateErrors doesn't exist in the context either, only exist ssl.LoadClientCertAsync and i already use it for get the client certificate but return null.
Sep 20, 2014 at 2:52 PM
  1. make sure you're using HTTPS.
  2. For HttpClient you have to tell it to use send certs. See WebRequestHandler.ClientCertificates & ClientCertificateOptions.
  3. Check HttpClient's logs to see if it sends the cert.
Jan 5, 2015 at 9:52 PM
Hi, I am running into similar problem where after invoking the ssl.LoadClientCertAsync, I don't see either the certificate or the exception in the dictionary. When I don't set the certificate on the client, ssl.LoadClientCertAsync itself doesn't show up. So my client code is working as expected.

When the async LoadClientCertAsync is invoked, where should i expect the cert to be available for access?

public override async Task Invoke(IOwinContext context)
        var owinCertFunc = "ssl.LoadClientCertAsync";
        var owinCert = "ssl.ClientCertificate";
        var owinCertError = "ssl.ClientCertificateErrors";

        if (context.Environment.Keys.Contains(owinCertFunc))
                var task = (context.Environment[owinCertFunc] as Func<Task>);
                await Task.Run(task);
                X509Certificate cert;
                    cert = context.Environment[owinCert] as X509Certificate;
                Exception certError;
                if (context.Environment.Keys.Contains(owinCertError))
                    certError = context.Environment[owinCertError] as Exception;
            catch (Exception ex)
        await this.Next.Invoke(context);