Web service et certificat d'authentification

Bonjour,

Dans un programme j'ai un appel à un Web Service qui évolue et qui doit intégrer un certificat d'authentification.
Je me suis renseigné sur le sujet et j'ai essayé de modifier mon appel mais malheureusement j'ai le serveur distant qui n'a pas l'air d'accord avec ce que je fais et qui me retourne un 403:forbidden:

Et je ne vois pas ou se situe le problème alors si quelqu'un veut m'aider dans mes investigations et à mieux comprendre l'utilisation de certificats je suis à son écoute.

J'ai en ma possession un fichier "certificat.crt".
La connection ne nécessite pas d'identifiant de connection.

Code:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
 
public static string SoapRequest(String orderRequest)
        {
            try
            {
            String soapRequest = ESBManager.Read(TPL.SOAP_REQUEST);
            soapRequest = String.Format(soapRequest, orderRequest);
 
            byte[] buffer = Encoding.ASCII.GetBytes(soapRequest);
 
            //TEST DIT 33576
 
            //You must change the path to point to your .cer file location. 
            X509Certificate Cert = X509Certificate.CreateFromCertFile("C:\\Temp\\certificat.crt");
 
            // Handle any certificate errors on the certificate from the server.
            ServicePointManager.ServerCertificateValidationCallback = CertificateValidationCallBack;
 
            HttpWebRequest WebReq = (HttpWebRequest)WebRequest.Create("https://xxxxxxxxx");
 
            //Test DIT 33576
            WebReq.ClientCertificates.Add(Cert);
            WebReq.UserAgent = "Client Cert Sample";
 
            // Elargissement du timeout
            WebReq.Timeout = 300000;
            //Set the method/action type
            WebReq.Method = "POST";
 
            //We use form contentType
            WebReq.ContentType = "soap/xml; charset=utf-8";
 
            //The length of the buffer
            WebReq.ContentLength = buffer.Length;
 
            //We open a stream for writing the post  data
            Stream MyPostData = WebReq.GetRequestStream();
 
            //Now we write, and after wards, we close. Closing is always important!
            MyPostData.Write(buffer, 0, buffer.Length);
            MyPostData.Close();
 
            //Get the response handle, we have no true response yet!
            HttpWebResponse WebResp = (HttpWebResponse)WebReq.GetResponse();
 
            //Now, we read the response (the string), and output it.
            Stream MyResponse = WebResp.GetResponseStream();
            StreamReader MyResponseReader = new StreamReader(MyResponse);
 
            //Read the response Stream and write it
            String response = MyResponseReader.ReadToEnd();
            return response;
 
            }
            catch (Exception ex)
            {
                throw ex;
            }
        }
 
        //Test DIT 33576
        private static bool CertificateValidationCallBack(
                 object sender,
                 System.Security.Cryptography.X509Certificates.X509Certificate certificate,
                 System.Security.Cryptography.X509Certificates.X509Chain chain,
                 System.Net.Security.SslPolicyErrors sslPolicyErrors)
        {
            // If the certificate is a valid, signed certificate, return true.
            if (sslPolicyErrors == System.Net.Security.SslPolicyErrors.None)
            {
                return true;
            }
 
            // If there are errors in the certificate chain, look at each error to determine the cause.
            if ((sslPolicyErrors & System.Net.Security.SslPolicyErrors.RemoteCertificateChainErrors) != 0)
            {
                if (chain != null && chain.ChainStatus != null)
                {
                    foreach (System.Security.Cryptography.X509Certificates.X509ChainStatus status in chain.ChainStatus)
                    {
                        if ((certificate.Subject == certificate.Issuer) &&
                           (status.Status == System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.UntrustedRoot))
                        {
                            // Self-signed certificates with an untrusted root are valid. 
                            continue;
                        }
                        else
                        {
                            if (status.Status != System.Security.Cryptography.X509Certificates.X509ChainStatusFlags.NoError)
                            {
                                // If there are any other errors in the certificate chain, the certificate is invalid,
                                // so the method returns false.
                                return false;
                            }
                        }
                    }
                }
 
                // When processing reaches this line, the only errors in the certificate chain are 
                // untrusted root errors for self-signed certificates. These certificates are valid
                // for default Exchange server installations, so return true.
                return true;
            }
            else
            {
                // In all other cases, return false.
                return false;
            }
        }

Le certificat est bien chargé dans l'ogjet X509Certificate Cert.

L'erreur apparait lors de l'appel à

Code:

Stream MyPostData = WebReq.GetRequestStream();

Quelqu'un aurait-il une idée de ce qui cloche ou manque?

Cordialement,
Christophe.