Sunday, October 3, 2010

"Reverse engineering" X.509 certificates


Well, the title makes it sound bigger than it really is.
Sometimes a soap request or response contains an X.509 certificate encoded in base64 string:

<o:BinarySecurityToken wsu:Id=”uuid-a687c39f-f848-481b-8552-35de5b5a4d51-2”>  

It may be useful to create the actual certificate that this encoded string represents, usually for the purpose of debugging.
This code snippet will do the trick:

byte[] b = Convert.FromBase64String(@"MQ+PASL89QWEQW2367ASDDASjn7812ASDDAS781mFSDJK78...");
File.WriteAllBytes(@"c:\server.cer", b);

now the certificate is ready in the designated path:


What's next? get this blog rss updates or register for mail updates!