Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Trying to work with MSXML object, get "A certificate is required .

15 views
Skip to first unread message

C S S

unread,
Aug 21, 2008, 11:53:02 AM8/21/08
to
I'm writing code in MS Access to query a web service (the VMWare SDK) to
enumerate through a list of the active hosts & VMs to store the information
in local Access tables. The web service is using SSL . The relevant code
is below:

Set oXMLHTTP = CreateObject("MSXML2.ServerXMLHTTP.6.0")
Set oXMLDOM = CreateObject("MSXML2.DOMDocument.6.0")
strURL = "https://server1:443"
sXML = "<SOAP MESSAGE BODY HERE>"
oXMLDOM.LoadXML sXML
oXMLHTTP.SetOption 2, 13056
oXMLHTTP.Open "POST", strURL, False

oXMLHTTP.Send oXMLDOM.XML

On the oXMLHTTP.send I get the error "A certificate is required to complete
client authentication." This appears to be addressed in MS KB 294266 where
they said it was a bug in earlier versions of the MS XML and was fixed in
v3.0 SP1. However I still seem to be getting the error, and have checked
that I've got versions 3,4,5, & 6 on my machine. In the code above I believe
I'm specifically calling v.6.

Can someone help? How can I know for sure if I'm using a later version of
the XML object, and what am I missing to make this functionality work?

Martin Honnen

unread,
Aug 21, 2008, 12:44:03 PM8/21/08
to
C S S wrote:

> Set oXMLHTTP = CreateObject("MSXML2.ServerXMLHTTP.6.0")
> Set oXMLDOM = CreateObject("MSXML2.DOMDocument.6.0")
> strURL = "https://server1:443"
> sXML = "<SOAP MESSAGE BODY HERE>"
> oXMLDOM.LoadXML sXML
> oXMLHTTP.SetOption 2, 13056
> oXMLHTTP.Open "POST", strURL, False
>
> oXMLHTTP.Send oXMLDOM.XML
>
> On the oXMLHTTP.send I get the error "A certificate is required to complete
> client authentication." This appears to be addressed in MS KB 294266 where
> they said it was a bug in earlier versions of the MS XML and was fixed in
> v3.0 SP1. However I still seem to be getting the error, and have checked
> that I've got versions 3,4,5, & 6 on my machine. In the code above I believe
> I'm specifically calling v.6.
>
> Can someone help? How can I know for sure if I'm using a later version of
> the XML object, and what am I missing to make this functionality work?

You are using MSXML 6 objects as you have the program ids
MSXML2.ServerXMLHTTP.6.0 respectively MSXML2.DOMDocument.6.0.

I am not sure however why you get the error.


--

Martin Honnen --- MVP XML
http://JavaScript.FAQTs.com/

Anthony Jones

unread,
Aug 22, 2008, 5:48:06 AM8/22/08
to
"C S S" <C...@discussions.microsoft.com> wrote in message
news:1352AFAB-F4F1-490A...@microsoft.com...

I take it the site you are talking to is configured to accept a client
certificate for authentication? If that is not intended you need to change
the site.

Underlying ServerXMLHTTP is WinHTTP. Setting up WinHTTP to use supply a
client certificate is tricky to say the least. See:-

http://msdn.microsoft.com/en-us/library/aa384076.aspx

Whats really annoying is that the default certificate store used by WinHTTP
is placed in the Current_User registry hive. Seems a strange choice for a
technology aimed for use in services than rather user based interactive
sessions. If the code above runs as the anonymous user you will need to add
the client certificate to that users registry hive.

Note the setOption 2, 13056 relates to _Server_ certificates and is generaly
used because you want SSL to encrypt the session but you don't care that the
servers identity can't be verified.

The error you are getting is because the server can't verify the client's
identity.


--
Anthony Jones - MVP ASP/ASP.NET


0 new messages