PDA

View Full Version : Advice: Using a Cert for SSL



kscott
03-03-2005, 08:00 AM
I am trying to call a web service over https and I am getting an error complaining about a bad certificate authority. I've tried to import the certificate from the server into several of my user stores. I am a VBA novice, so I'm not sure exactly how to do it what I want. I THINK that what I want to do is set some ConnectorProperty in the web service file, but I can't find where the valid properties are documented. Could someone eithier point me to this documentation or tell me how do set up the certificate so that my VBA will trust me server. Thanks!

gorbet
03-07-2005, 02:17 PM
I've only attached digital certs (purchased from Thawte) to my own Excel VBA apps so not sure what you need. It sounds like you're connecting to a site to fetch data and that site has an invalid or out of data cert, is that the case? Is this access being done via Excel's web query? (Another feature I've only played with.)

Deb

kscott
03-07-2005, 02:20 PM
Deb,
Thanks for your reply!
That's exactly the problem. I need to set the client to trust the server even though the cert is invalid. I'm trying to connect to the server to perform a web service call.
KS

gorbet
03-07-2005, 03:16 PM
I'd first try to get a 'normal' web query working just to make sure you have everything working. I'd do this manually and in code too.
I found this article in the MSKB about this process:
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnoffsol02/html/odc_WellkeptSecret.asp


At the end of this article is a note of caution about dealing with sites with certs so you may be SOL. I haven't tried dealing with cert'd sites especially one in which the cert is out of date. Once you get a non-cert site working, I'd step through the process again with the invalid cert site and see what line exactly is failing. Is this an error that can be ignored with simple ON ERROR RESUME NEXT or is it catastrophic?

Deb :think:

kscott
03-07-2005, 03:24 PM
I have gotten Web Services from other machines without SSL working, so I feel pretty good about the set up. I checked out that article and tried ON ERROR RESUME NEXT, it just ends the call. I may just have to wait until I get a valid cert on the server

Thanks for your help :-)