Can't use HTTPS with ServerXMLHTTP object

Try adding oHttp.setOption 2, 13056


Just found the solution to this which has passed testing on:

  • Windows 10 (IIS 10)
  • Windows 2012 R2 (IIS 8.5)

It's a client problem. MSXML2.ServerXMLHTTP does indeed require you to use a client certificate when calling an endpoint secured with SSL (even if the endpoint doesn't require it), as the OP noted.

On the webserver, you need to:

  1. Create a client certificate
  2. Assign permissions to the certificate
  3. Set the certificate on the ServerXMLHTTP object

In detail:

1. Create a client certificate

Use the following PowerShell command to create a new self-signed certificate:

New-SelfSignedCertificate -DnsName "ServerXMLHTTP", "ServerXMLHTTP" -CertStoreLocation "cert:\LocalMachine\My"

Note that the certificate created by this command will only be valid for 1 year.

2. Assign permissions to the certificate

Using MMC, view the certificate store for the computer account (see "How to: View Certificates with the MMC Snap-in").

The certificate created above can be found in Certificates (Local Computer)\Personal\Certificates (the "Issued By" and "Issued To" columns display "ServerXMLHTTP").

Right-click the ServerXMLHTTP certificate and select "All Tasks" -> "Manage Private Keys"; the permissions dialog will display.

Add the user that the ASP website app pool is running as. By default it will be running as "ApplicationPoolIdentity", but your setup may be using a specific user account. If the app pool is using ApplicationPoolIdentity, the username to add is "IIS AppPool\APP POOL NAME", e.g. IIS AppPool\DefaultAppPool.

The user will be added with "Full Control" which can be deselected. Only "Read" permission seems to be required. Click "OK" to confirm the permissions.

3. Set the certificate on the ServerXMLHTTP object

In your ASP code, set the ServerXMLHTTP object to use the certificate created above. For example, calling PayPal for an access token:

' Basic auth credential: Base64 of "ClientId:Secret"
Dim strAuthToken: strAuthToken = "<Base64 encoded version of ClientId:Secret>"
Dim oHttp: Set oHttp = Server.CreateObject("MSXML2.ServerXMLHTTP")

With oHttp
    ' Synchronous POST (third argument False = not async)
    Call .Open("POST", "https://api.sandbox.paypal.com/v1/oauth2/token", False)
    ' Option 3 = SXH_OPTION_SELECT_CLIENT_SSL_CERT: store location\store name\certificate subject
    Call .SetOption(3, "LOCAL_MACHINE\My\ServerXMLHTTP")
    Call .SetRequestHeader("Content-Type", "application/x-www-form-urlencoded")
    Call .SetRequestHeader("Authorization", "Basic " & strAuthToken)
    Call .Send("grant_type=client_credentials")
End With

Hopefully this is still of assistance.
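
Steps 1 and 2 of the answer above can be scripted rather than clicked through in MMC, which also makes the Read-only grant and the expiry date explicit. This is an added example, not part of the original answer; the app pool name is the one from the answer's example, and it assumes an elevated Windows PowerShell session with .NET Framework 4.6 or later.

```powershell
#Requires -RunAsAdministrator
# Added example: scripts steps 1 and 2 of the answer above.
$AppPool = 'DefaultAppPool'   # assumption: the app pool your ASP site runs under
$Subject = 'ServerXMLHTTP'    # certificate name used in the answer

# Step 1: reuse an unexpired certificate if one exists, otherwise create it.
$cert = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.Subject -eq "CN=$Subject" -and $_.HasPrivateKey -and
                   $_.NotAfter -gt (Get-Date) } |
    Sort-Object NotAfter -Descending |
    Select-Object -First 1
if (-not $cert) {
    $cert = New-SelfSignedCertificate -DnsName $Subject `
        -CertStoreLocation 'Cert:\LocalMachine\My'
}

# Step 2: locate the private key file. CNG keys and legacy CryptoAPI keys
# are stored in different directories under ProgramData.
$rsa = [System.Security.Cryptography.X509Certificates.RSACertificateExtensions]::GetRSAPrivateKey($cert)
if ($rsa -is [System.Security.Cryptography.RSACng]) {
    $keyFile = Join-Path "$env:ProgramData\Microsoft\Crypto\Keys" $rsa.Key.UniqueName
} else {
    $keyFile = Join-Path "$env:ProgramData\Microsoft\Crypto\RSA\MachineKeys" `
        $rsa.CspKeyContainerInfo.UniqueKeyContainerName
}

# Grant the app pool identity Read only, not the Full Control that the
# "Manage Private Keys" dialog pre-selects.
$acl  = Get-Acl -Path $keyFile
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule `
    -ArgumentList "IIS AppPool\$AppPool", 'Read', 'Allow'
$acl.AddAccessRule($rule)
Set-Acl -Path $keyFile -AclObject $acl

# Report who can read the key and when the certificate expires, so the
# renewal can be scheduled before requests start failing.
(Get-Acl -Path $keyFile).Access |
    Where-Object { $_.IdentityReference -like 'IIS AppPool\*' } |
    Format-Table IdentityReference, FileSystemRights, AccessControlType
'{0} ({1}) expires {2:yyyy-MM-dd}' -f $cert.Subject, $cert.Thumbprint, $cert.NotAfter
```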