Sending Client Certificate

Discussion in 'ASP General' started by Tom, Feb 15, 2008.

  1. Tom

    Tom Guest

    I'm trying to set up and use a client certificate given to us by a 3rd party
    to request and receive their XML data. With the provided cert, the only
    instructions they've given us is to import the cert into IE and export to a
    ..pfx file.

    I used the MMC Certificate Snap in to get the cert into the certificate
    store (I think that part's OK but not 100% sure if I've granted access etc.)
    Then I used winhttpcertcfg.exe. to grant access. I'm just not sure about
    the account(s). I've granted access to the following accounts by using the
    following command:

    winhttpcertcfg -g -c LOCAL_MACHINE\MY -s "CsS Services -a IWAM_SECURE

    I've run that command for various accounts. Here's the listing now using:

    winhttpcertcfg -l -c LOCAL_MACHINE\MY -s "CsS Services"

    Microsoft (R) WinHTTP Certificate Configuration Tool
    Copyright (C) Microsoft Corporation 2001.

    Matching certificate:
    E=
    CN=CsS Services
    OU=Identity authenticated by RA
    OU=Email control validated by GeoTrust
    OU=See TCX CPS www.geotrust.com/resources/CPS
    OU=CPS terms incorp. by ref. liability ltd.
    O=Org. not validated.

    Additional accounts and groups with access to the private key include:

    BUILTIN\Administrators
    NT AUTHORITY\SYSTEM
    SECURE\IUSR_SECURE
    SECURE\IWAM_SECURE
    SECURE\ASPNET

    Now when I run this code using WinHttp.WinHttpRequest I get the following
    error:

    WinHttp.WinHttpRequest error '80072f9a'
    A security error occurred

    This still occurs on objSrvHTTP.Send. I've tried both GET and POST and get
    the same error. Previous to correctly (at least I think it's been run
    correctly) run winhttpcertcfg we were getting "msxml3.dll error '80072f0c' A
    certificate is required to complete client authentication"

    MS advised to install SP 2 (Windows Server 2003 Standard) and use
    WinHttp.WinHTTPRequest instead of Msxml2.ServerXMLHTTP.

    Here's the code:
    set objSrvHTTP = Server.CreateObject ("WinHttp.WinHttpRequest.5.1")
    set objXMLDocument = Server.CreateObject("MSXML2.DOMDocument")
    set objXMLReponseDocument = Server.CreateObject("MSXML2.DOMDocument")

    objXMLDocument.async = false
    objXMLDocument.load(Server.MapPath("Request.xml"))
    ' WinHttp.WinHttpRequest.5.1
    ' CN from certificate which is in Local Computer\Personal\Certificates
    objSrvHTTP.SetClientCertificate "LOCAL_MACHINE\MY\CsS Services"


    objSrvHTTP.open "GET", "https://test.rbsecure.com/secure2/bin/XMLPost",
    false
    objSrvHTTP.SetRequestHeader "content-Type","text/xml"
    objSrvHTTP.send objXMLDocument
    Response.Write objSrvHTTP.ResponseText

    Thanks in advance for any help...Tom
    Tom, Feb 15, 2008
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. =?Utf-8?B?TWFydmlu?=

    httpWebRequest not sending client Certificate

    =?Utf-8?B?TWFydmlu?=, Aug 6, 2004, in forum: ASP .Net
    Replies:
    1
    Views:
    2,670
    Jens Christian Mikkelsen
    Aug 8, 2004
  2. Joe Wong
    Replies:
    2
    Views:
    4,116
  3. Raphael Gray
    Replies:
    1
    Views:
    1,153
    Raphael Gray
    Jun 3, 2009
  4. Helena Cai
    Replies:
    0
    Views:
    395
    Helena Cai
    Aug 29, 2004
  5. Replies:
    0
    Views:
    409
Loading...

Share This Page