Content


        Request Object
 Request.ClientCertificate Collection
  
        Syntax:
  
        Parameters:
  
        Remarks:
  Examples:

Request Object

Another function of Request object is the retrieving of HTTP client certificate from the client.

Request.ClientCertificate Collection

Request.ClientCertificate Collection retrieves the field values of the client certificate which is sent in the HTTP request.

Syntax:

Request.ClientCertificate( Key[Subfield] )

Or in an ASP file. Imply

<% Request.ClientCertificate( Key[Subfield] ) %>

Parameters:

Key

The parameter "Key" is the name of the certification field to be retrieved. The data type of "Key" is string and is enclosed by quotation marks (" "). The possible certification field of Key are

Value	Description
Certificate	A string containing the binary stream of the entire certificate content in ASN.1 format. Useful for discovering the special SubFields are present but are not listed below.
Flags	A set of flags providing additional client certificate information. If Flags is set to1, a client certificate is present. If flags is set to 2, the last certificate in this chain is from an unknown issuer.
Issuer	A string containing a list of subfield values which containing information about the issuer of the certificate. If this value is specified without a SubField, the ClientCertificate collection returns a comma-separated list of subfields. For example, C=US, O=Versign, and so on.
SerialNumber	A string containing the certification serial number as an ASCII representation of hexadecimal bytes separated by hyphens (-). For example, 04-67-F3-02.
Subject	A string containing a list of subfield values. The subfield values contain information about the subject of the certificate. If this value is specified without a Subfield, the ClientCertificate collection returns a comma-separated list of subfields. For example, C=US, O=Msft, and so on.
ValidFrom	A date specifying when the certificate becomes valid. This date follows VBScript format and varies with international settings. For example, in the United States, 9/22/90 11:59:59 P.M.. The year value is displayed as a four-digit number.
ValidUntil	A date specifying when the certificate expires. The year value is displayed as a four-digit number.

SubField

The optional parameter "SubField" is used to retrieve an individual field in either the Subject or Issuer Keys. The parameter "SubField" is added to the Key parameter as a suffix. For example, Issuer) or SubjectCN.. The possible values of some common SubField values are

Variable Name	Description
C	To specify the name of the country/region of origin.
CN	To specify the common name of the user. (This subfield is only used with the Subject key.)
GN	To specify a given name
I	To specify a set of initials
L	To specify a locality
O	To specify the company or organization name
OU	To specify the name of the organizational unit
S	To specify a state or province
T	To specify the title of the person or organization

Remarks:

The ClientCertificate collection holds fields of keys and values from a security certificate that the client browser passes to the Web Server. These field are specified in the X.509 version 3 standard for public key certificates. Because X.509 is not an offical stantard, there are differences among certificate obtained from certification authorities.

In order to populate the fields of the ClientCertificate collection, both the Web server and the client browser must support the SSL3.0/PCT1.0 protocol. The Web site must have secure sockets layer (SSL) enabled and request client certificates. After SSL is enabled, the URL of the Web site will start with "https://" instead of "http://". The client browser must be capable of sending a certificate. If no certificate is sent, the ClientCertificate collection returns EMPTY.

The Web server must be configured to request client certificates.

Beginning with IIS 6.0, IIS is built in unicode in order to provide improved support for international applications. This can affect features like Request.ClientCertificate Collection. When porting code from an older version of IIS, use custom COM object to convert the public key to ANSI in a return parameter that ASP can then display.

Examples:

Retrieve the value of Key fields in the ClientCertificate Collection

ASP script command:

<%
Response.Write "Raw Certificate Data: " & _
Request.ClientCertificate("Certificate") & " "
%>;;

ASP script command:

<%
Response.Write "Recognization Flag: " & _
Request.ClientCertificate("Flags") & " "
%>;;

ASP script command:

<%
Response.Write "Issuer: " & _
Request.ClientCertificate("Issuer") & " "
%>;

ASP script command:

<%
Response.Write "Certification Serial Number: " & _
Request.ClientCertificate("SerialNumber") & " "
%>;

ASP script command:

<%
Response.Write "Subject: " & _
Request.ClientCertificate("Subject") & " "
%>;

ASP script command:

<%
Response.Write "Commence Date: " & _
Request.ClientCertificate("ValidFrom") & " "
%>;;

ASP script command:

<%
Response.Write "Expire Date: " & _
Request.ClientCertificate("ValidUntil") & " "
%>
Retrieve the value of Key with Subfield in the ClientCertificate Collection

ASP script command:

<%
Response.Write "Common Name of Issuer: " & _
Request.ClientCertificate("IssuerCN") & " "
%>
Loop for all elements in ClientCertificate Collection by elementtt

ASP script command:

<%
For Each element in Request.ClientCertificate
Response.Write element & ": "& Request.ClientCertificate(element) & " "
Next
%>

©sideway

ID: 120200021 Last Updated: 2/8/2012 Revision: 0 Ref:

References

Active Server Pages, , http://msdn.microsoft.com/en-us/library/aa286483.aspx
ASP Overview, , http://msdn.microsoft.com/en-us/library/ms524929%28v=vs.90%29.aspx
ASP Best Practices, , http://technet.microsoft.com/en-us/library/cc939157.aspx
ASP Built-in Objects, , http://msdn.microsoft.com/en-us/library/ie/ms524716(v=vs.90).aspx
Response Object, , http://msdn.microsoft.com/en-us/library/ms525405(v=vs.90).aspx
Request Object, , http://msdn.microsoft.com/en-us/library/ms524948(v=vs.90).aspx
Server Object (IIS), , http://msdn.microsoft.com/en-us/library/ms525541(v=vs.90).aspx
Application Object (IIS), , http://msdn.microsoft.com/en-us/library/ms525360(v=vs.90).aspx
Session Object (IIS), , http://msdn.microsoft.com/en-us/library/ms524319(8v=vs.90).aspx
ASPError Object, , http://msdn.microsoft.com/en-us/library/ms524942(v=vs.90).aspx
ObjectContext Object (IIS), , http://msdn.microsoft.com/en-us/library/ms525667(v=vs.90).aspx
Debugging Global.asa Files, , http://msdn.microsoft.com/en-us/library/aa291249(v=vs.71).aspx
How to: Debug Global.asa files, , http://msdn.microsoft.com/en-us/library/ms241868(v=vs.80).aspx
Calling COM Components from ASP Pages, , http://msdn.microsoft.com/en-us/library/ms524620(v=VS.90).aspx
IIS ASP Scripting Reference, , http://msdn.microsoft.com/en-us/library/ms524664(v=vs.90).aspx
ASP Keywords, , http://msdn.microsoft.com/en-us/library/ms524672(v=vs.90).aspx
Creating Simple ASP Pages, , http://msdn.microsoft.com/en-us/library/ms524741(v=vs.90).aspx
Including Files in ASP Applications, , http://msdn.microsoft.com/en-us/library/ms524876(v=vs.90).aspx
ASP Overview, , http://msdn.microsoft.com/en-us/library/ms524929(v=vs.90).aspx
FileSystemObject Object, , http://msdn.microsoft.com/en-us/library/z9ty6h50(v=vs.84).aspx
http://msdn.microsoft.com/en-us/library/windows/desktop/ms675944(v=vs.85).aspx, , ADO Object Model
ADO Fundamentals, , http://msdn.microsoft.com/en-us/library/windows/desktop/ms680928(v=vs.85).aspx