WebServices and SSL
David Burhans
created a certificate using the certificate services and installed it on IIS
so the WebService directory uses SSL. I reimported WSDL classes into my
projects and everything works fine when accessing the WebService remotely
through SSL.
My problem is that I have a suite of applications that run on the same
server as IIS that also use the WebService. None of these applications can
successfully connect to the WebService while running on that server (they
work fine if I run them remotely). I get an error box that says "The
certificate authority is invalid or incorrect."
Any ideas what's causing this or how I can get around it?
Thanks,
Dave
Jean-Marie Babet
I am not sure why the transport thinks that the certificate is invalid but
there's an option that might be helpful: The THTTPReqResp component has a
property 'InvokeOptions' that expose a 'soIgnoreInvalidCert' setting. When
enabled, the component will set the INTERNET_FLAG_xxxx flags to ignore
expired/invalid dates and disable the host name check performed by WinInet.
Maybe the certificate is assigned to a different host than how you're
accessing the server (during our recent switch from 'borland' to 'codegear'
my tests with Borland webservices generated a similar error because the
certificate is assigned to 'borland', not the 'codegear.com' I'm now using).
Let me know if the above does not help and we'll investigate some more.
Cheers,
Bruneau.
PS: As a client you get to that property via
THTTPRIO->HTTPWebMode->InvokeOptions.