admin管理员组

文章数量:1310050

Active Directory Certificate Services offers a web service that implements MS-XCEP and MS-WSTEP for non-domain connected puters to submit a certificate request.

This certificate can be used for digital signatures, encryption, and more.

Is there a WSDL I can use to interact with these web services? How should I interact with them in C# or Javascript?

Active Directory Certificate Services offers a web service that implements MS-XCEP and MS-WSTEP for non-domain connected puters to submit a certificate request.

This certificate can be used for digital signatures, encryption, and more.

Is there a WSDL I can use to interact with these web services? How should I interact with them in C# or Javascript?

  • javascript
  • c#
  • encryption
  • active-directory
  • certificate
Share Improve this question edited Jun 25, 2018 at 12:43 user7637745 9852 gold badges14 silver badges27 bronze badges asked Feb 28, 2015 at 20:12 makerofthings7makerofthings7 61.5k57 gold badges229 silver badges461 bronze badges 2
  • 3 Each protocol specification you referenced ([MS-XCEP] and [MS-WSTEP]) has appnedix with full WSDL: msdn.microsoft./en-us/library/dd304853.aspx and msdn.microsoft./en-us/library/dd357987.aspx. Isn't this sufficient? – Crypt32 Commented Dec 8, 2015 at 20:30
  • While WSDL is provided by @Crypt32, logically you'd need to: 1. Create PKCS10 CSR 2. Package that as PKCS7 encrypting this as an address to the RA certificate 3. Use webservice to submit the package 4. Retrieve and validate the result – zaitsman Commented Nov 15, 2017 at 3:12
Add a ment  | 

1 Answer 1

Reset to default 1

WCF provides configuration options for a variety of web service connections. From past experience, I required a WSDL from the client I was connecting to - this generated the function call stubs. I then had to "describe" the munication mechanism through the web.config. At runtime, WCF will automatically generate the envelope for you.

Using WCF's message tracing you will be able to see the envelopes - this will allow you to verify if the message structure is close to the examples provided in the MS documentation. You may have to "inject" into the envelope construction process to provide custom attributes, but if this is a standard AD implementation these modifications would not be required.

If you're still failing to receive meaningful output from the connection after that, reach out to the AD admin team, as they may know clients who have successfully connected and/or the meaning of obscure error messages you're receiving.

No idea on Javascript, I think it would be a lot of work to manually construct the envelope and handle the output ing back - MS already provides a wealth of support for the plex data structures required.

本文标签: cHow do I use MSXCEP and MSWSTEP in NET or JavaScript to get a certificate from AD CSStack Overflow

版权声明:本文标题:c# - How do I use MS-XCEP and MS-WSTEP in .NET or JavaScript to get a certificate from AD CS? - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1741836490a2400246.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。