Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

How to accept Server certificate during SSL

340 views
Skip to first unread message

Vitaly

unread,
May 31, 2005, 10:37:18 AM5/31/05
to
Based on the information I got from WinHTTP forum I compiled the program and
it is working fine with regular HTTPS servers, but in case server requires
client to accept certificate I’m getting 12175 Error. I’m trying to accept
server certificate but it doesn’t work. Please help me to find solution.
Here is my code:


DWORD dwSize = 0;
DWORD dwDownloaded = 0;
LPSTR pszOutBuffer;
BOOL bResults = FALSE;
HINTERNET hSession = NULL,
hConnect = NULL,
hRequest = NULL;

// Use WinHttpOpen to obtain a session handle.
hSession = WinHttpOpen( L"WinHTTP Example/1.0",
WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
WINHTTP_NO_PROXY_NAME,
WINHTTP_NO_PROXY_BYPASS, 0);

// Specify an HTTP server.
if (hSession)
hConnect = WinHttpConnect( hSession, L"localhost",
8443, 0);

// Create an HTTP request handle.
if (hConnect)
hRequest = WinHttpOpenRequest( hConnect, L"GET", NULL,
NULL, WINHTTP_NO_REFERER,
WINHTTP_DEFAULT_ACCEPT_TYPES,
WINHTTP_FLAG_SECURE);

// Send a request.
if (hRequest){
bResults = WinHttpSendRequest( hRequest,
WINHTTP_NO_ADDITIONAL_HEADERS, 0,
WINHTTP_NO_REQUEST_DATA, 0,
0, 0);
}else{
printf ("WinHttpSendRequest error: %ld",GetLastError());
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
// Stephen suggested to put WinHttpQueryOption over here
// I tried to put it before WinHttpSendRequest and it still
did not work
if (hRequest)
{
DWORD dwCsz = sizeof (PCCERT_CONTEXT);
PCCERT_CONTEXT gcertContext;
if( !WinHttpQueryOption( hRequest,
WINHTTP_OPTION_SERVER_CERT_CONTEXT,
&gcertContext,
&dwCsz))
{
printf("Error in WinHttpQueryOption: %ld",GetLastError());
}
}
//~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~`
// End the request.
if (bResults)
bResults = WinHttpReceiveResponse( hRequest, NULL);

Vitaly

unread,
May 31, 2005, 6:44:35 PM5/31/05
to
Just found solution.
The problem was that my server certificates were expired and client failed
to accet them.
Here is solution:

DWORD dwSize = 0;
DWORD dwDownloaded = 0;
LPSTR pszOutBuffer;
BOOL bResults = FALSE;
HINTERNET hSession = NULL,
hConnect = NULL,
hRequest = NULL;

// Use WinHttpOpen to obtain a session handle.
hSession = WinHttpOpen( L"WinHTTP Example/1.0",
WINHTTP_ACCESS_TYPE_DEFAULT_PROXY,
WINHTTP_NO_PROXY_NAME,
WINHTTP_NO_PROXY_BYPASS, 0);

// Specify an HTTP server.
if (hSession)
hConnect = WinHttpConnect( hSession, L"localhost",
8443, 0);

// Create an HTTP request handle.
if (hConnect)
hRequest = WinHttpOpenRequest( hConnect, L"GET",NULL,
NULL, WINHTTP_NO_REFERER,
WINHTTP_DEFAULT_ACCEPT_TYPES,
WINHTTP_FLAG_SECURE);

DWORD options = SECURITY_FLAG_IGNORE_CERT_CN_INVALID |
SECURITY_FLAG_IGNORE_CERT_DATE_INVALID |
SECURITY_FLAG_IGNORE_UNKNOWN_CA ;

bResults = WinHttpSetOption( hRequest, WINHTTP_OPTION_SECURITY_FLAGS ,
(LPVOID)&options, sizeof (DWORD) );

if(bResults == FALSE){
printf("Error in WinHttpQueryOption WINHTTP_OPTION_SECURITY_FLAGS:
%ld\n",GetLastError());
}

// Send a request.
if (hRequest){
bResults = WinHttpSendRequest( hRequest,
WINHTTP_NO_ADDITIONAL_HEADERS, 0,
WINHTTP_NO_REQUEST_DATA, 0,
0, 0);

if(bResults == FALSE)
printf ("WinHttpSendRequest error: %ld\n",GetLastError());

0 new messages