c# - Digitally sign using client certificate in ASP.Net

Question

I am trying to digitally sign information with a private key. I know how to do this on in a desktop client application with .Net, but am not sure how to do it in ASP.Net. It would be used on an intranet using IE8. If it is done via ASP.Net, I am guessing that the private key is not sent to the server when the user types in their certificate passowrd when going to the site (https, 2-way SSL), but am not sure. If there is no way to access the client private key on the server, then how can I sign something in the browser? Can I use javascript?

Edit: I guess what would be helpful to know first is if this can be done on the server or does it have to be done on the client?

Answer 1

The private key of the client-cert is NOT transmitted to the server.

IF you really want/need to sign something with client-cert THEN you need a client-side component... AFAIK this is not possible with javascript... there are solutions out there using Flash, Silverlight, Java Applets as part of the ASP.NET page for doing what you ask...

Making it possible to do this purely on the server-side is a sure sign for broken security (regarding the client-cert) IMHO.