Jump to content
Sign in to follow this  
Luigi

WinHttpRequest with self signed certificate

Recommended Posts

Luigi

Greetings,

I want use WinHttpRequest to access a OpenShift API server, it use a self signed certificate.

Does now work...

I never try with a self signed certificate, how do this?

Best regards

Global $oHTTP = ObjCreate("winhttp.winhttprequest.5.1")
$oHTTP.Open("GET", "https://openshift.domain:1234/api/", False)
$oHttp.Option(4) = 0x0100  + 0x0200 + 0x1000 + 0x2000
$oHTTP.Option(9) = 0x0080 ;WinHttpRequestOption_SecureProtocols
;~  $oHttp.SetClientCertificate("LOCAL_MACHINE\\Personal\\certificado.crt")
$oHttp.Send()

$oHttp.WaitForResponse()

Local $oAllHeaders = $oHttp.GetAllResponseHeaders()
$oReceived = $oHttp.ResponseText
$oStatusCode = $oHttp.Status
$oHttp = 0
If $oStatusCode = 200 Then
    ConsoleWrite("$oAllHeaders--------------------" & @LF & $oAllHeaders & "$oAllHeaders--------------------" & @LF)
Else
    ConsoleWrite("< error = " & $oReceived & @LF & $oAllHeaders & @LF)
EndIf

 


Visit my repository

Share this post


Link to post
Share on other sites
Luigi

I found the problem.

I use Windows Vista to develop this script, and it does not have TLS 1.2 protocol.

The OpenShift use TLS 1.2 in your certificate, so... always break in:

$oHttp.Option($WinHttpRequestOption_SecureProtocols) = 0x800

0x800 is TLS1.2, Windows Vista does not have.

The update is from Windows 7 for WinHttpRequest.

https://support.microsoft.com/pt-br/help/3140245/update-to-enable-tls-1-1-and-tls-1-2-as-a-default-secure-protocols-in

Someone know a way to update WinHttp to TLS 1.2 on Windows Vista?


Visit my repository

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

  • Similar Content

    • DrLarch
      By DrLarch
      Curious if anyone knows if the permissions UDF can be used with certificates and if so, how.
      This is the code in the UDF for $_SE_OBJECT_TYPE which doesn't state anything about certs and not sure if it would fall under one of the object types listed:
      Global Enum _ ;$_SE_OBJECT_TYPE $SE_UNKNOWN_OBJECT_TYPE = 0, _ ;Unknown object type. $SE_FILE_OBJECT, _ ;Indicates a file or directory. Can be an absolute path, such as FileName.dat, C:\DirectoryName\FileName.dat, or a handle to an opened file $SE_SERVICE, _;Indicates a Windows service. A service object can be a local service, such as ServiceName, or a remote service, such as \\ComputerName\ServiceName, or a handle to a service $SE_PRINTER, _;Indicates a printer. A printer object can be a local printer, such as PrinterName, or a remote printer, such as \\ComputerName\PrinterName. $SE_REGISTRY_KEY, _;Indicates a registry key. The names can be in the format 'HKLM\SOFTWARE\Example', or 'HKEY_LOCAL_MACHINE\SOFTWARE\Example'. It can also be a handle to a registry key $SE_LMSHARE, _;Indicates a network share. A share object can be local, such as ShareName, or remote, such as \\ComputerName\ShareName. $SE_KERNEL_OBJECT, _;Indicates a local kernel object. All types of kernel objects are supported. ie, A process handle obtained with _Permissions_OpenProcess $SE_WINDOW_OBJECT, _;Indicates a window station or desktop object on the local computer. $SE_DS_OBJECT, _;Indicates a directory service object or a property set or property of a directory service object. e.g.CN=SomeObject,OU=ou2,OU=ou1,DC=DomainName,DC=CompanyName,DC=com,O=internet $SE_DS_OBJECT_ALL, _;Indicates a directory service object and all of its property sets and properties. $SE_PROVIDER_DEFINED_OBJECT, _;Indicates a provider-defined object. $SE_WMIGUID_OBJECT, _;Indicates a WMI object. $SE_REGISTRY_WOW64_32KEY;Indicates an object for a registry entry under WOW64. ;$_SE_OBJECT_TYPE What I'm trying to do is add another user to a cert in Certificates (Local  Computer) > Personal > Certificates as if using the "manage private keys" command via the MMC.
      Thanks...
    • AndreyS
      By AndreyS
      Tell me, please, who knows why the function does not work with the specified site? _INetGetSource ("https://residence.biz.ua/")
      It is necessary to work with the protocol https. What is the problem?
    • Dante_t
      By Dante_t
      Hi Guys, I need help. I have searched the forum before posting and i couldn't find anything. The code below works fine when downloading files from "http" sites, but when trying to download from "https" sites, no files are downloaded. I tried different sites and I experience the same problem everywhere. Is there something I'm missing or doing wrong? Please note that I'm not a programmer and I'm new to this. I'm just using logic wherever i can to get things done. your help will be highly appreciated.
       
      #include <InetConstants.au3>
      #include <MsgBoxConstants.au3>
      #include <WinAPIFiles.au3>
      ; Download a file in the background.
      ; Wait for the download to complete.

      Example()
      Func Example()
          ; Save the downloaded file to the temporary folder.
          Local $sFilePath = "d:\"
          ; Download the file in the background with the selected option of 'force a reload from the remote site.'
          Local $hDownload = InetGet("https://en.wikipedia.org/wiki/HTTPS#/media/File:Internet2.jpg", $sFilePath& "Internet2.jpg", $INET_FORCERELOAD, $INET_DOWNLOADBACKGROUND)
          ; Wait for the download to complete by monitoring when the 2nd index value of InetGetInfo returns True.
          Do
              Sleep(250)
          Until InetGetInfo($hDownload, $INET_DOWNLOADCOMPLETE)
          ; Retrieve the number of total bytes received and the filesize.
          Local $iBytesSize = InetGetInfo($hDownload, $INET_DOWNLOADREAD)
          Local $iFileSize = FileGetSize($sFilePath&"Internet2.jpg")
          ; Close the handle returned by InetGet.
          InetClose($hDownload)
          ; Display details about the total number of bytes read and the filesize.
          MsgBox($MB_SYSTEMMODAL, "", "The total download size: " & $iBytesSize & @CRLF & _
                  "The total filesize: " & $iFileSize)
          ; Delete the file.
          ;FileDelete($sFilePath)
      EndFunc   ;==>Example
       
    • luckyluke
      By luckyluke
      Hello all,
      Im trying to get the information from https website, but it does not return any thing, here is the code:
      Global $oHTTP = ObjCreate("winhttp.winhttprequest.5.1")
      $agent ='Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36'
      $url = "https://www.sportinglife.com/racing/results"
      $oHTTP.Open("GET", $url, False)
      $oHTTP.setRequestHeader ("User-Agent", $agent)
      $oHTTP.Option(4) = 13056
      $oHTTP.Send()
      $src = ($oHTTP.ResponseText)
      ConsoleWrite($url & @CRLF)
      MsgBox(0, '$src', $src)
      when i tried with other website, it is working, but this code does not works with this website. Pls help me
      thank you.
    • colombeen
      By colombeen
      Hi guys,
      I have a pretty advanced question...
       
      This is the issue i'm facing :
      On a regular basis we need to install pfx certificates (with password protection) on devices from external companies.
      To install the certificate we always have to contact the user, setup a really dull and long process to get an RDP session to that device, install the certificate.
       
      I'm looking for :
      a way to generate exe files on the fly, that will include the pfx file and password, and automatically install them without any interaction from the user, and the user not being able to retrieve the password to install the certificate.
       
      Question :
      Is this possible with AutoIT? And if so, does anyone have a working example for the certificate installation part or the auto generate with file include?
       
      Thx in advance
      colombeen
×

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.