I have an application and I need to authenticate users using X509 certificates. Count What's the point of the certificate if the client can export it and install it wherever he wants?

That is, the user must install a certificate issued by me so that he can browse my website and I can identify which user is, by this certificate. Ordinal Ignore Case); // if the certificate is self-signed, verify itself. Username/password ensures me about the authenticity of the user, but i need to ensure the authenticity of the machine as well.

reconstructing chains of certificate on which validation (including verifying cryptographic signatures) seems relevant.

What is odd is that the signature property seems to be missing in a lot of instances (.

Using a 512-bit key is not recommended for production work. ( you are strongly recommended to use the S/MIME CMS functions if you need to pass secure messages.

The S/MIME protocols have been well designed and tested - be careful designing your own.) If you need more information about RSA keys and how they can be stored and the functions available in the Toolkit to handle them, see RSA Key Formats.

Finally, it is customary, in protocols where a party can show a certificate, to actually show a message.

All this gives a lot of ways for a computer to do certification path building, i.e.

This Excel 2003 spreadsheet (65 k B) contains VBA macros that show how to use to make and verify RSA signatures in a spreadsheet (it should still work in the latest Excel).

A sample certificate and encrypted private key is included (the password for the sample key is, of course, password).

I have already configured SSL on IIS, but it's not what I'm looking for right now, and I don't know where to start. To create a secure authentication mechanism you would use both client certificates and username / password. A certificate can be installed so that the private keys (required for authentication) cannot be exported.

The reason is that a certificate is something that can be stolen (copied) but a password is something that is only known by the person. App Settings["Client Certificate Issuer Thumbprints"] . Some laptops allow you to install the certificates in a hardware chip.

The key and certificate files must be in the same directory as the spreadsheet itself, and macros must be enabled.