Archived Forum Post

Index of archived forum posts

Question:

get data from webservice with x509

Feb 22 '17 at 08:22

Hello,

I have to get data from a webservice (described as "like REST") , the site needs a certificate. We send some data in XML form but as contenttype text/plain (dont ask:-) ) and receive some data in XML form.

We have different certificates on the pc, so the one to be used comes from a file (see down)

In the next lines there is code from our working c# solution. But now need to do implement it in another project in VFP and want to use chilkat for it (which we use for ftp,..)

Can you give me a hint where to start or some code ?

Thanks a lot in advance tom

Here is the main part of the c# program :

namespace WebClientService

{ public class WebClient

{
    private readonly ILog _log;
    public WebClient()

    public string SendData(string uri, String xmlData)
    {

        var url = new Uri(uri);
        SecureWebClient client = new SecureWebClient();

       var response =client.UploadString(url, xmlData);

       _log.Debug(response);

        return response.ToString();

    }

    class SecureWebClient : System.Net.WebClient
    {

        protected override WebRequest GetWebRequest(Uri address)
        {
            HttpWebRequest request = (HttpWebRequest)base.GetWebRequest(address);

            ServicePointManager.ServerCertificateValidationCallback = delegate { return true; };
            //ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
            X509Certificate myCert =  X509Certificate2.CreateFromCertFile("ClientCertificate.cer");
            request.ClientCertificates.Add(myCert);
            return request;
        }
    }

}

}


Answer

Hi Tom,

You could start with this example "https://www.example-code.com/foxpro/http_public_key_pinning.asp", where you make a secure connection with server getting public key.

In your case you could use this "https://www.chilkatsoft.com/refdoc/xPublicKeyRef.html" to get public key from your certificate and use in the example above.

Once connected you could use "https://www.example-code.com/foxpro/rest_simple.asp" to use REST.

Hope this could help you as start.

Marcos


Answer

Hello,

thanks for the answer. I updated to new version and tried (base parts)

loHttp = Createobject('Chilkat_9_5_0.Http')
loCert = CreateObject('Chilkat_9_5_0.Cert')
nSuccess = loCert.LoadFromFile("e:\clientcertificate.cer")
loHttp.setRequestHeader('Content-Type' ,'text/xml;charset=UTF-8')
lohttp.SetSslClientCert(locert)
loResponse = loHttp.PostXml(lcUrlEndpoint,lcXmlStr,lcXmlCharset)

I got the following error : C

hilkatLog:
  PostXml:
    DllDate: Dec 27 2016
    ChilkatVersion: 9.5.0.65
    UnlockPrefix: .
    Architecture: Little Endian; 32-bit
    Language: ActiveX
    VerboseLogging: 0
    url: https://theurl
    charset: utf-8
    Component successfully unlocked using purchased unlock code.
    fullRequest:
      a_synchronousRequest:
        generateRequestHeader:
          httpRequestGenStartLine:
            genStartLine:
              startLine: POST /theurlok HTTP/1.1
            --genStartLine
          --httpRequestGenStartLine
          addCookies:
            Not auto-adding cookies.
            sendCookies: 1
            cookieDir: 
          --addCookies
        --generateRequestHeader
        fullHttpRequest:
          domain: oasis-tst-crt.hessen.de
          port: 443
          ssl: 1
          openHttpConnection:
            Opening connection directly to HTTP server.
            httpHostname: hostname.de
            httpPort: 443
            ssl: 1
            socket2Connect:
              connect2:
                connectImplicitSsl:
                  clientHandshake:
                    clientHandshake2:
                      getPrivateKey:
                        certGetPrivateKeyAsDER:
                          msCertGetPrivateKey:
                            kcExportPrivateKeyToDER:
                              bExchangeKey: 1
                              cryptoKeyExport:
                                (warning) Cannot access private key because when installed, it was not marked as exportable.
                                (optional) Re-install the certificate and private key from a PFX.
                                (optional) Make sure to mark the key as exportable.
                              --cryptoKeyExport
                              (warning) Cannot export private key.
                            --kcExportPrivateKeyToDER
                          --msCertGetPrivateKey
                        --certGetPrivateKeyAsDER
                        Unable to export the private key.
                      --getPrivateKey
                      sendCertificateVerify:
                        CertificateVerify using TLS 1.2 with MS Crypto API is not supported.  Use TLS 1.1 or lower.
                      --sendCertificateVerify
                      Failed to send client certificate verify message.
                    --clientHandshake2
                  --clientHandshake
                  Client handshake failed. (3)
                --connectImplicitSsl
                ConnectFailReason: 113
              --connect2
            --socket2Connect
          --openHttpConnection
        --fullHttpRequest
        success: 0
      --a_synchronousRequest
      success: 0
    --fullRequest
    Failed.
  --PostXml
--ChilkatLog

Maybe loading another certificate file (pfx,..) Maybe I can reinstall the certificate, but I HAVE TO use TLS 1.2 And it works in the .NET version. Is there any way how it can be done with chilkat ?

Thanks in advance tom