Lightrun
question-mark
Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Unable to use dynamic client certificate with HttpClientFactory

See original GitHub issue

Hello, I used HttpClient before:

var certificate = ...
var password = ...
using (var clientHandler = new HttpClientHandler())
{
    clientHandler.ClientCertificates.Add(new X509Certificate2(certificate , password ));
    using (var certificateClient = new HttpClient(clientHandler))
    {
     // ...
    }
}

The certificate is dynamic and is obtained from the database. unable to services.AddHttpClient for all certificates in ConfigureServices.

Can you tell me how it should be implemented?

Issue Analytics

  • State:closed
  • Created 5 years ago
  • Comments:11 (1 by maintainers)

github_iconTop GitHub Comments

2reactions
pokecommented, Jan 13, 2019

You can use ConfigurePrimaryHttpMessageHandler to set up the message handler with a certificate:

services.AddHttpClient("example").ConfigurePrimaryHttpMessageHandler(() =>
{
    var handler = new HttpClientHandler();
    handler.ClientCertificates.Add(certificate);
    return handler;
});

The callback is generally called when the HttpClient is being constructed, so it does not happen at the startup time but on-demand when the client is being used. This means that you can effectively configure the certificate at run-time.

It’s also possible to depend on the service provider there, so you could have some other dependency that provides you with the right certificate:

services.AddHttpClient("example").ConfigurePrimaryHttpMessageHandler(sp =>
{
    var certificateProvider = sp.GetService<CertificateProvider>();

    var handler = new HttpClientHandler();
    handler.ClientCertificates.Add(certificateProvider.GetCertificate());
    return handler;
});
0reactions
davidfowlcommented, Aug 13, 2020

Did anyone figure this out? With the SocketsHttpHandler it’s possible to write logic to that runs per connection to determine which client certificate to use.

Read more comments on GitHub >

github_iconTop Results From Across the Web

Dynamically add a client certificate to a HttpClient
I have an application that needs to call the same endpoint with different client certificates (We are calling an API on behalf of...
Read more >
Using Certificate Authentication with IHttpClientFactory and ...
This article shows how an HttpClient instance could be setup to send a certificate to an API to use for certificate authentication.
Read more >
Dynamic certificate update is failing in HTTPClient Handler ...
I have made an api in .net core 3.1 and created a custom HTTP Client Handler to manage dynamic certificates per http call...
Read more >
Configure certificate authentication in ASP.NET Core
This check validates that the certificate presented by the client has the Client Authentication extended key use (EKU), or no EKUs at all....
Read more >
How to use IHttpClientFactory in ASP.NET Core
NET Core 2.1, IHttpClientFactory provides a central place to name, configure, and create HttpClient instances and manages the pooling and ...
Read more >

github_iconTop Related Medium Post

No results found

github_iconTop Related StackOverflow Question

No results found

github_iconTroubleshoot Live Code

Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free

github_iconTop Related Reddit Thread

No results found

github_iconTop Related Hackernoon Post

No results found

github_iconTop Related Tweet

No results found

github_iconTop Related Dev.to Post

No results found

github_iconTop Related Hashnode Post

No results found
Previous page

Not Disposing SqlCommand or SqlDataReader on Caching.SqlServer

Next page

Issue with CookieContainer when use HttpClientFactory