Sending Client Certificate
in [ASP]
|
From: Tom on 15 Feb 2008 18:19 I'm trying to set up and use a client certificate given to us by a 3rd party to request and receive their XML data. With the provided cert, the only instructions they've given us is to import the cert into IE and export to a ..pfx file. I used the MMC Certificate Snap in to get the cert into the certificate store (I think that part's OK but not 100% sure if I've granted access etc.) Then I used winhttpcertcfg.exe. to grant access. I'm just not sure about the account(s). I've granted access to the following accounts by using the following command: winhttpcertcfg -g -c LOCAL_MACHINE\MY -s "CsS Services -a IWAM_SECURE I've run that command for various accounts. Here's the listing now using: winhttpcertcfg -l -c LOCAL_MACHINE\MY -s "CsS Services" Microsoft (R) WinHTTP Certificate Configuration Tool Copyright (C) Microsoft Corporation 2001. Matching certificate: E=tom.gaughan(a)excursiontech.com CN=CsS Services OU=Identity authenticated by RA OU=Email control validated by GeoTrust OU=See TCX CPS www.geotrust.com/resources/CPS OU=CPS terms incorp. by ref. liability ltd. O=Org. not validated. Additional accounts and groups with access to the private key include: BUILTIN\Administrators NT AUTHORITY\SYSTEM SECURE\IUSR_SECURE SECURE\IWAM_SECURE SECURE\ASPNET Now when I run this code using WinHttp.WinHttpRequest I get the following error: WinHttp.WinHttpRequest error '80072f9a' A security error occurred This still occurs on objSrvHTTP.Send. I've tried both GET and POST and get the same error. Previous to correctly (at least I think it's been run correctly) run winhttpcertcfg we were getting "msxml3.dll error '80072f0c' A certificate is required to complete client authentication" MS advised to install SP 2 (Windows Server 2003 Standard) and use WinHttp.WinHTTPRequest instead of Msxml2.ServerXMLHTTP. Here's the code: set objSrvHTTP = Server.CreateObject ("WinHttp.WinHttpRequest.5.1") set objXMLDocument = Server.CreateObject("MSXML2.DOMDocument") set objXMLReponseDocument = Server.CreateObject("MSXML2.DOMDocument") objXMLDocument.async = false objXMLDocument.load(Server.MapPath("Request.xml")) ' WinHttp.WinHttpRequest.5.1 ' CN from certificate which is in Local Computer\Personal\Certificates objSrvHTTP.SetClientCertificate "LOCAL_MACHINE\MY\CsS Services" objSrvHTTP.open "GET", "https://test.rbsecure.com/secure2/bin/XMLPost", false objSrvHTTP.SetRequestHeader "content-Type","text/xml" objSrvHTTP.send objXMLDocument Response.Write objSrvHTTP.ResponseText Thanks in advance for any help...Tom
|
Pages: 1 Prev: How can I end the HTTP response but continue executing ASP? Next: Renew Session variables ? |