Celebrate National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

Ignoring client certificate using ServerXMLHTTP (VB6)

Posted on 2014-01-27
5
Medium Priority
?
3,900 Views
Last Modified: 2014-03-19
Any idea how I can force the ServerXMLHTTP to ignore requests for a client-certificate and fail-over to the Basic Authorization credentials provided?

I am trying to achieve this in Visual Basic 6 and ASP Classic.

Code so far:
Set XMLHTTP = CreateObject("MSXML2.ServerXMLHTTP.6.0")
Call XMLHTTP.Open("GET", "https://server/path", False)
XMLHTTP.setRequestHeader "Authorization", "BASIC authhere=="
XMLHTTP.Send

Result so far:
msxml3.dll error '80072f0c'
A certificate is required to complete client authentication
0
Comment
Question by:syswin2
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
5 Comments
 
LVL 15

Expert Comment

by:pateljitu
ID: 39815238
Try code as provided below (you would still require Client certificate to be installed on the server making this call) :

Const SXH_SERVER_CERT_IGNORE_UNKNOWN_CA = 256
Const SXH_SERVER_CERT_IGNORE_WRONG_USAGE = 512
Const SXH_SERVER_CERT_IGNORE_CERT_CN_INVALID = 4096
Const SXH_SERVER_CERT_IGNORE_CERT_DATE_INVALID = 8192
Const SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS = 13056

Set XMLHTTP = CreateObject("MSXML2.ServerXMLHTTP.6.0")
XMLHTTP.SetOption(2, XMLHTTP.GetOption(2) - SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS)
XMLHTTP.Open("GET", "https://server/path", False)
XMLHTTP.setRequestHeader "Authorization", "BASIC authhere=="
XMLHTTP.Send

Open in new window


setOption:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms763811%28v=vs.85%29.aspx

getOption:
http://msdn.microsoft.com/en-us/library/windows/desktop/ms753798%28v=vs.85%29.aspx
0
 
LVL 36

Accepted Solution

by:
mccarl earned 2000 total points
ID: 39816678
Unfortunately, you have no way of controlling this from the client side. If the server is configured to require certificates, than there is nothing that the client can do about it.

Do you have control over the server that you are connecting to? If so, you need to look at the servers config to see if you can disable the requirement for client certificates.
0
 

Author Closing Comment

by:syswin2
ID: 39863152
Hi mccarl,

Thanks for the information, I had no control over the server so I ended up getting my VB6/ASP script to talk via SOAP to a PHP script which then talked to the target server using cUrl which had an option to ignore server certificates.

A bit round the houses but it works.

Thanks,
Peter
0
 
LVL 36

Expert Comment

by:mccarl
ID: 39863559
I'm glad that you got it working! :)

However, I'm still a little perplexed...
using cUrl which had an option to ignore server certificates.
There should be no way that ANY client (ServerXMLHTTP, cURL or any other) can bypass client authentication.

What option did you use with cURL that made this work?
0
 

Author Comment

by:syswin2
ID: 39940534
We ended up using cUrl option "CURLOPT_SSL_VERIFYPEER" = False which caused it to fall-back to basic authentication (over SSL).
0

Featured Post

Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Enums (shorthand for ‘enumerations’) are not often used by programmers but they can be quite valuable when they are.  What are they? An Enum is just a type of variable like a string or an Integer, but in this case one that you create that contains…
You can of course define an array to hold data that is of a particular type like an array of Strings to hold customer names or an array of Doubles to hold customer sales, but what do you do if you want to coordinate that data? This article describes…
Get people started with the process of using Access VBA to control Outlook using automation, Microsoft Access can control other applications. An example is the ability to programmatically talk to Microsoft Outlook. Using automation, an Access applic…
The purpose of this video is to demonstrate how to set up the WordPress backend so that each page automatically generates a Mailchimp signup form in the sidebar. This will be demonstrated using a Windows 8 PC. Tools Used are Photoshop, Awesome…
Suggested Courses

730 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question