Using Client certificate with HTTPRIO

Hi,

Working with XE2 now the THTTPRIO.HTTPWebnode has ClientCertificate properties. I can select a certificate from the store at design time but that's it. It seems to do nothing at all. 

Has anybody a working example for a THTTPRIO.HTTPWebnode with a clientcertificate?

Thanks.
6
Michel
2/25/2013 10:43:44 AM
embarcadero.delphi.webservices 976 articles. 0 followers. Follow

2 Replies
7155 Views

Similar Articles

[PageSpeed] 13

Hello,

>
> Working with XE2 now the THTTPRIO.HTTPWebnode has ClientCertificate 
> properties. I can select a certificate from the store at design time but 
> that's it. It seems to do nothing at all.
>
> Has anybody a working example for a THTTPRIO.HTTPWebnode with a 
> clientcertificate?
>

I do not have an example handy but I have used Client Certificates long long 
time ago and can describe some steps to help  investigate why it's failing 
on your side. Plus I believe there was a regression recently and that could 
be biting you.

Let's start with the regression: the Client Certificate support was added in 
a Weaver [Delphi 2010] update. Since updates cannot make interface changes, 
the support was snuck in via a class helper. In a later version the helper 
was removed and the logic moved into THTTPReqResp. But a regression snuck: 
the change forgot to add IClientCertInfo to THTTPReqResp. So check that in 
your version. If that's not the issue, then here's how to investigate.

Add SOAPHTTPTrans.pas to your project. Connect to a Service that requires a 
Client Certificate. Set a breakpoint in the logic that handles the 
ERROR_INTERNET_CLIENT_AUTH_CERT_NEEDED error. The logic should open the 
store, find a certificate that matches the serial number stored at design 
time, and set it via a call to "InternetSetOption(Request, 
INTERNET_OPTION_CLIENT_CERT_CONTEXT, ...".

Let me now if the above does not help and we'll dig a little further based 
on what you saw in the debugger.

Cheers,

Bruneau
0
Jean
3/6/2013 7:50:52 PM
> {quote:title=Michel van Kasteren wrote:}{quote}
> Hi,
> 
> Working with XE2 now the THTTPRIO.HTTPWebnode has ClientCertificate properties. I can select a certificate from the store at design time but that's it. It seems to do nothing at all. 
> 
> Has anybody a working example for a THTTPRIO.HTTPWebnode with a clientcertificate?
> 
> Thanks.


I'd like to know if you had luck with this issue.  I have the same problem :(.
0
Luis
11/13/2013 8:42:41 PM
Reply:

Similar Artilces:

Using client certificates: "Require client certificates" is enabled on IIS
 Hey world, I have an application that works fine using SSL, but when I enable  "Require client certificates" on IIS it prompts the client for a certificate (behavior kind of expected) but I can't figure out how to create a "Client Certificate" so the client can access the application. I followed step by step this article with no luck:http://support.microsoft.com/kb/901183 (the WinHttpCertCfg.exe –i PfxFile -c LOCAL_MACHINE\MY -p Password  line just wouldn't work) I created a certificate on my test web server using "SelfSSL" and then I exported it as an .P...

Calling WebServices from PB9 using SSL and client certificates
Hi, We are trying to connect a PB9 client program to a webservice running on EAServer (4.2.2) using SSL with Server and Client authentication. If we only require Server Authentication we are able to invoke, and connect to the webservice using the Soapconnection object in powerbuilder. When we require Client Authentication also and we leave our code as is, we get the error message 'Error negotiating secure connection : error:00000001:lib(0):func(0):reason(1)'. Note that we did generate client certificates and imported it at the server; by using the Internet Explorer, we c...

to use a webservice or not to use a webservice?
hi folks, i have a web-based application that connects to a server for processing and then gets back the data from the server asynchonously to display to the user--specifically, the user identifies a product by answering coupla questions and then the program connects to a CAD server to generate models of the product to display to the user. creating the CAD files typically takes little over a minute or so...but i would like to know whether its a good idea to use a web-service to connect to the CAD server and then do the processing or whether remoting is a better way to do this. ...

Generate, client certificate for use with ASP.Net webapp, use for auth
I need to do the following: 1. Generate a client certificate that has a common name (CN) of "my.server.com:myappname". 2. Generate a CSR that I can send to a remote company in order for them to sign my certificate. I paste the CSR into the company's webform, hit submit, the remote company will then send me back a certificate for their CA, and a signed certificate for my app to use to communicate with their servers. 3. Import the CA certificate so that the signed certificate I was issued will be considered valid. 4. Import the signed certificate for my webapp. 5. Acc...

To use or not to use Delphi
Sadly, it seems to me that there is a sort of race between the two threads, for and against using Delphi in new projects, with more or less the same users posting in both threads. Arguments are fiercely debated in both camps. Borland had their own vision. As a community, now that Delphi has changed ownership I believe we should try to be more consistent, more clear, and more articulate in what we expect from Embercadero in terms of Delphi. We can contribute to keeping Delphi alive and moving in the right direction. "Laurent Cocea" schrieb: > Sadly, it seems to me that there is a sort of race ... <snip> Some people go fishing, some go to the movies, some like to take long walks on the beach, and then some like to type their fingers bloody discussing totally irrelevant issues on public Newsgroups. And my wife likes to watch soap operas and follow posts from a forum where new-baked parents are discussing their kids-issues. Everyone needs a hobby :-) Regards, Danijel Laurent Cocea wrote: > Sadly, it seems to me that there is a sort of race between the two > threads They're essentially the same thread with a little more trolling in one than the other. Lots of free time over the holidays and all. I think the discussion in general is a good thing, though. Help remind people why a tool like Delphi is worth while, and maybe even shed some light on some of the things that still need attention. I still learn about ...

Accesssing webservice with client certificate
Hi Guys, I am trying to access a webservice that requires client certificate for authentication. The client has sent us the certificate(.p12) along with the password, and I have installed the certificate under my local machine store as explained in the following article. http://support.microsoft.com/kb/901183.   Using WSE2.0 I am also able to pull the certificate using the following code: // WSE 2.0 method  X509CertificateStore store =    X509CertificateStore.LocalMachineStore(X509CertificateStore.MyStore);  store.OpenRead();  // Look for the first cer...

Using client certificates for smtps
Hi! Is it possible to use client certificates for authentication to smtps srver? Mozilla Thunderbird is supporting smtps, but I see no way to install client certificates and use them to authenticate... Regards, --=20 Mariusz Wo=B3oszyn Internet Security Specialist, GTS - Internet Partners Mariusz Woloszyn wrote: > Is it possible to use client certificates for authentication to smtps > srver? > Mozilla Thunderbird is supporting smtps, but I see no way to install > client certificates and use them to authenticate... > > Regards, > The word I'...

Client Authentication using certificates.
Hi! I am using libwwwperl to send a post request in HTTPS. I am using client authentication through certificates in Apache+mod_ssl. How to I send the certificate through LWP::UserAgent? any sample code will be of a great help. Thanks in Advance Tusar ===== Tusar K Nayak @Communicators http://tusar.netshooter.com Ph - 91-11-5528098(R) Fax:91-11-5613991 ************************************************* When in doubt, follow your heart. __________________________________________________ Do You Yahoo!? Get Yahoo! Mail � Free email you can access fr...

Client auth only sending client certificate, not sending intermediate CA certificates
[ moved to this list, per = https://groups.google.com/d/msg/mozilla.support.firefox/Ba4MzFQxqP8/DbmDU= CbJqxkJ ] I was trying to figure why some of the uses were not having a chain sent = to the server for their client certificate, and it turns out Firefox = does not send (by default?) the chaining certs. After reviewing https://wiki.mozilla.org/PSM:CertPrompt , it seems = Firefox will 'validate' that the client cert can be chained, before = allowing the user to select it. Here is a snippet of a diff of the TLS Certificate, Client Key Exchange, = and Certificate Verify ...

call webservice using javascript without using AJAX and webservice.htc?
HI,how can i call a webservice without using AJAX and Webservice.htc, using any protocols?Thanks.X you could skip using an AJAX framework and issue an xmlHttpRequest directlyhttp://en.wikipedia.org/wiki/XMLHttpRequestMike Banavige~~~~~~~~~~~~Need a site code sample in a different language? Try converting it with: http://converter.telerik.com/ Hi, thanks mbanavige.well, is there any disadvantage of using xmlhttprequest?and one more question can AJAX also work on other web servers than IIS like Apache? and is AJAX compatible with all browsers other than IE?how can i call a web servi...

Client auth only sending client certificate, not sending intermediate CA certificates
I was trying to figure why some of the uses were not having a chain sent = to the server for their client certificate, and it turns out Firefox = does not send (by default?) the chaining certs. After reviewing https://wiki.mozilla.org/PSM:CertPrompt , it seems = Firefox will 'validate' that the client cert can be chained, before = allowing the user to select it. Here is a snippet of a diff of the TLS Certificate, Client Key Exchange, = and Certificate Verify packets of IE and FF. Full packets upon request. $ diff -u firefox-client-TLS.txt internetExplorer-client-TLS.txt ...

Using THTTPRIO with client side certificate
Hi, I'm connecting with THTTPRIO to a server and using WebServices that i generate with WSDLImp.exe. There are a two types of authorization. Basic authorization with user name and password and the second with client side certificate and user name, password. For basic authorization I'm using: Rio.HTTPWebNode.OnBeforePost := EvHandler.OnBeforePost; .... procedure TEventHandlers.OnBeforePost(const HTTPReqResp: THTTPReqResp; Data:Pointer); begin if not InternetSetOption(Data, INTERNET_OPTION_USERNAME, PChar(UserName), Length(UserName))then ShowMessage(SysErrorMessage(GetLastError)); if not InternetSetOption(Data, INTERNET_OPTION_PASSWORD, PChar(Password), Length (Password)) then ShowMessage(SysErrorMessage(GetLastError)); end; All works fine. If i want to authorizate with certificate, I add to OnBeforePost: var PCertContext:PCCERT_CONTEXT; .... if not InternetSetOption( Data, INTERNET_OPTION_CLIENT_CERT_CONTEXT, PCertContext, Sizeof( CERT_CONTEXT ) ) then ShowMessage(SysErrorMessage(GetLastError)); Now, if I call a webservice, pop up a window that want username and pasword. If I insert it and click ok, window pop up again and again... Clicking on Storno throw exeption 401: Unauthorized. What I'm doing bad? Thanks for help, Jan. > {quote:title=Jan Fabinger wrote:}{quote} > Hi, > > I'm connecting with THTTPRIO...

Authenticate a webservice using X509 Certificate
Hi All, I am working with webservices and its security. I have a webservice and client application.now i need to secure the web service  while calling and as well as serving the request. I had created the x509 certificate and ........ Now i am not able to proceed further... I will give the sample code i wrote in order to authenticate the user using the x509 certificate: <WebMethod()> _ Public Function NewAuthentication(ByVal mvarUserID As String, ByVal mvarpassword As String, ByVal X509cert As X509Certificate) As DataSet 'UsernameForCertificateAssertion) As DataSetDim d...

Using client certificate to identify user
hello, our users have their own client certificates instlled on machines and we would like to identify them by initializing/open user identification request window in browser. After selecting appropriate we want to process client certificate information (like id,...) in our IW application. ....any suggestions, how to implement identification in intraweb 14.0.25 Best regards, ...

SMART Clients using delphi 2006
"SMART Clients" is the future of enterprise software... It is based on Three tier architecture using Web Services... With codegear is so easy develop this kind of software using TSOAPDataModule, TSoapConnection, etc... How much developers are building "SMART Clients" with Delphi 2006 or 2007? Hi! > {quote:title=Juan Carlos Porras Boada wrote:}{quote} > "SMART Clients" is the future of enterprise software... For most of my clients this future is past... > It is based on Three tier architecture using Web Services... > With codegear is...

using x509 certificate in securing a webservice
  i am using wse 3.0 to secure my webservice  but i am not getting it right  next are the steps that i followed tell me where i went wrong  1. used makecart  tool to creat a certificate 2. to secure  my webservice  i used wse 3.0  in server and client policy i used same sertificate so that every thing matches i configured my client and server with the same sertificate in that case    but in response of client  request i get this earror  Object contains only the public half of a key pair. A private key must also be provided.&nb...

File encryption using client certificate
I want to encrypt/decrypt file using client certificate. I was doing it for= FireFox for PC using CryptEncryptMessage(http://msdn.microsoft.com/en-us/l= ibrary/windows/desktop/aa379925(v=3Dvs.85).aspx). I want to do the same in = javascript using NSS and JS-Ctypes but was not able to find any similar API= .. Is there one? The closest i found was using XPCOM nsICMSSecureMessage's sendMessage (http= s://mxr.mozilla.org/mozilla-central/source//security/manager/ssl/public/nsI= CMSSecureMessage.idl). Any idea about the encryption algorithm used in nsIC= MSSecureMessage?=20 Thanks ...

using client SSL certificate with Firefox
------=_Part_3233_3369848.1142383177612 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Hello, I generated a client SSL certificate (tried both by using openssl and certutil) converted it to PKCS#12 format. After that, I imported it into Firefox and can see the certificate of the "Your Certificates" tab in Edit = > Preferences > Advanced > View Certificates. However, when I do the TLS handshake, the client never sends a certificates - the certificate callback function always fails and the ...

SSL-client auth. using certificate
Hi all, can anybody help me out to tell me howto authentificate to a SSL v3 server using a client certificate? TIA Tobias -- Sent through GMX FreeMail - http://www.gmx.net ...

Connect to a Secure webservice with Client Certificate
HI,Hoping someone can help.  We have a web application developed in ASP.NET VB.  We are using a third party that provides data for our use in XML via a secure URL.  I am using XMLReader to read the XML, and works fine on a local test file.  However I can't get it to use the live data as I cannot connect securely.  The error is :System.Net.WebException: The request was aborted: Could not create SSL/TLS secure channel.  I need to use a client certificate (which we have) to access the XML via a URL.   Unfortunately I dont know where to start ...

Using client-side certificates with Sunbird
Does anyone have any clue how to enable the use of client-authentication certificates with Sunbird? I'm trying to access a calendar on a WebDAV folder that requires client authentication. I can browse the folder with Firefox or IE if I've imported the client certificate into them, but Sunbird doesn't have the certificate management options that Firefox does. Is this something that it's easy to turn on in the XUL, or is there some more fundamental problem with me doing this in Sunbird? [Cross-posting and setting follow-ups to go to mozilla.support.calendar] ...

Linux client and Encryption using certificates
Can anyone tell me when the linux client will have certificates for encryption - we are in the process of migrating users from pop/evolution to groupwise and of course we receive email from a government agency that is encrypted using a certificate - no problem with evolution or windows client (or thunderbird) but mid way in migration I discover that the Linux client doesn't do it and if my reading of this forum is correct - bonsai won't have it either. Web client doesn't have it as well so that's not a solution - at present work around is to leave evolution connecte...

Authentication using a client certificate OR a username / password
Hi, I need to develop a website which uses client certificates for silent login. But when a clinet does not issue a certificate, form based authentication should be used. Is this possible (since I read that for clinet certificates, in IIS Basic, Digest or Windows Integrated security should be enabled, while for form based authentication Anonymous access is needed. Regards, Ad areijngoudt: I need to develop a website which uses client certificates for silent login. Hi Base on my understanding , you want to protect your site using Secure channel with certificates. but those windows ...

Password Encryption through Open Client using Delphi
I am going to develop a client application using Delphi 6 Enterprise Edition to access Sybase using Open Client with password encryption feature. I have read passages on how to do password encryption through Open Client. However, it looked like C code. Can anyone enlighten me on how and where to put the password encryption codes in my Delphi program. I am quite sure it should be somewhere around the database component property. But I don't know what exactly to do. Thanks for your help. ...

Web resources about - Using Client certificate with HTTPRIO - embarcadero.delphi.webservices

Wildcard certificate - Wikipedia, the free encyclopedia
In addition, wildcards themselves can have subjectAltName extensions, including other wildcards. For example: The wildcard certificate *.wikipedia.org ...

Lesbian mothers to be automatically recognised on birth certificates in SA - AdelaideNow Search Search ...
BOTH lesbian mothers will be recognised on their child’s birth certificate — not just the woman who gives birth — under changes approved by Parliament’s ...

New gender non-specific birth certificates for the ACT
... become interchangeable under new laws passed by the ACT parliament on Tuesday, with parents able to choose either label. Birth certificates ...

Model Raquel Santos: Plastic surgeon ‘forged’ death certificate
A PLASTIC surgeon has been accused of forging the death certificate of a beauty queen who died after undergoing a simple cosmetic procedure known ...

PSA: Updated Apple certificate means old OS X installers don’t work anymore
(credit: Andrew Cunningham) On February 14, something called the Apple Worldwide Developer Relations Intermediate Certificate expired. This ...

'Making a Murderer' fans say this death certificate supports the theory that police framed Steven Avery ...
... evidence is being seen as more proof of a potential police conspiracy to frame "Making a Murderer" subject Steven Avery. A death certificate ...

Project issues 1 million free digital certificates in three months
Let's Encrypt, an organization set up to encourage broader use of encryption on the Web, has distributed 1 million free digital certificates ...

Let's Encrypt Free Certificates' Success Challenges SSL/TLS Industry
NEWS ANALYSIS: The free security certificate effort backed by the Linux Foundation achieves a major milestone with one million free certificates, ...

Antonin Scalia Died of a Heart Attack, According to Death Certificate
The late Supreme Court justice Antonin Scalia died this week of a heart attack, according to his death certificate. Read more...

Texas to Use Birth Certificate to Determine Athlete's Gender
School superintendents in Texas have overwhelmingly approved a change that requires public school officials to use a birth certificate to determine ...

Resources last updated: 3/12/2016 6:44:25 AM