HttpRequest Builder how to send with SSL certificate - Forum - OpenEdge Development - Progress Community

HttpRequest Builder how to send with SSL certificate

 Forum

HttpRequest Builder how to send with SSL certificate

  • A fairly simple http request but requires a SSL certificate.

    oRequest = RequestBuilder:Post(httpUrl, oString)
    :AcceptJson()
    :Request.

    oResponse = ClientBuilder:Build():Client:Execute(oRequest).

    The response returned is

    <html>
    <head><title>400 No required SSL certificate was sent</title></head>
    <body bgcolor="white">
    <center><h1>400 Bad Request</h1></center>
    <center>No required SSL certificate was sent</center>
    </body>
    </html>

    The question is: How do I reference the certificate in the call ?

    Thanks,

    Mike

  • There’s currently no support for client certs in the ABL (for sockets, which is what the HTTP client uses).
     
    The httpURL, if it’s an HTTPS url, will try to use a cert from the OE cert store in $DLC/certs . It picks it up automatically.From the Help on the socket’s Connect() method
     
    Note: Connections to an SSL-enabled server socket require the management of public keys on the client (SSL client) and private keys on the server (SSL server). For ABL sockets, the SSL client is the ABL session initiating the SSL connection on a socket object and the SSL server is the ABL session enabling SSL connections on a server socket object. For information on using SSL to secure an ABL socket connection, see the sections on sockets in OpenEdge Development: Programming Interfaces. For more information on SSL and managing private key and digital certificate stores for OpenEdge SSL clients and servers, see OpenEdge Getting Started: Core Business Services - Security and Auditing.
     
     
  • Are you running this on a Windows client? You can try using the .NET component HttpWebRequest. It will use the Microsoft (OS) built-in certificate handling. 

  • I came across a similar problem executing a get request on a HTTPS URL.

    I found that in order to get around this using the OpenEdge RequestBuilder method i had to manually import the cert into $DLC/certs (see KB: 000043064 for more information).

    For my example i also had to turn of SSL host verification.

    DEF VAR oLib AS IHttpClientLibrary NO-UNDO.

    DEF VAR oRequest AS IHttpRequest NO-UNDO.

    DEF VAR oResponse AS IHttpResponse NO-UNDO.

    oLib = ClientLibraryBuilder:Build():sslVerifyHost(NO):Library.

    oRequest = RequestBuilder:Get(oURI):AcceptAll():Request.

    oResponse = ClientBuilder:Build():UsingLibrary(oLib):Client:Execute(oRequest).

    Hope this helps.