dcsimg
Results 1 to 3 of 3

Thread: WinHttpRequest.5.1 set client certificate from file.It possible?

  1. #1

    Thread Starter
    New Member
    Join Date
    Sep 2019
    Posts
    1

    WinHttpRequest.5.1 set client certificate from file.It possible?

    On C/C++ it possible
    Code:
    HCERTSTORE mycer =
    CertOpenStore(CERT_STORE_PROV_FILENAME, X509_ASN_ENCODING, NULL, 
    (CERT_STORE_OPEN_EXISTING_FLAG | CERT_STORE_READONLY_FLAG),L"D:\\Install\\cert.cer");
    PCCERT_CONTEXT cont = NULL;
    cont = CertEnumCertificatesInStore(mycer, cont);
    if (cont != NULL)
    {
    	WinHttpSetOption(req,
    	WINHTTP_OPTION_CLIENT_CERT_CONTEXT,
    	(LPVOID)cont,
    	sizeof(CERT_CONTEXT));
    	CertFreeCertificateContext(cont);
    	printf("cert OK\n");
    }
    else
    {
    	WinHttpSetOption(req, WINHTTP_OPTION_CLIENT_CERT_CONTEXT, 
    	WINHTTP_NO_CLIENT_CERT_CONTEXT, 0);
    	printf("cert err: %d \n", GetLastError());
    }
    CertCloseStore(mycer, 0);
    But I need do it on vbs.
    I wrote next code
    Code:
    Dim o, res,fsobj,txtobj 
    Set o = CreateObject("WinHttp.WinHttpRequest.5.1")
    o.open "GET", message, False
    Set fsobj = CreateObject("Scripting.FileSystemObject")
    Set txtobj = fso.OpenTextFile("D:\certT.cer")'base64 encoded
    certificate_data = txtobj.ReadAll
    certificate_data=Replace(certificate_data,"-----BEGIN CERTIFICATE-----","")
    certificate_data=Replace(certificate_data,"-----END CERTIFICATE-----","")
    WScript.Echo certificate_data
    o.SetClientCertificate(certificate_data)
    o.Send
    And it code unfortunately doesn't work(ERROR_WINHTTP_CLIENT_AUTH_CERT_NEEDED error).

  2. #2
    Super Moderator FunkyDexter's Avatar
    Join Date
    Apr 2005
    Location
    An obscure body in the SK system. The inhabitants call it Earth
    Posts
    7,345

    Re: WinHttpRequest.5.1 set client certificate from file.It possible?

    Moved to VB Script
    You can depend upon the Americans to do the right thing. But only after they have exhausted every other possibility - Winston Churchill

    Hadoop actually sounds more like the way they greet each other in Yorkshire - Inferrd

  3. #3
    PowerPoster
    Join Date
    Feb 2006
    Posts
    20,519

    Re: WinHttpRequest.5.1 set client certificate from file.It possible?

    You have to install the cert to use it. As you can see the C++ snippet calls CertOpenStore() to do this. You might need to create a DLL that your script can use in order to make the necessary WinCrypt API calls.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Featured


Click Here to Expand Forum to Full Width