convert Curl to in Winbatch Help

[markgolay]

This works in Curl

curl -q -k --cert client-2048.crt --key client-2048.key https://xxxxxxx/api/certlogin -d "username=xxxxxxxx&password=xxxxxxxx" -H "X-Application: xxxxxxxxxxxxx"

But I would like to use Winbatch

oHTTP = CreateObject("WinHttp.WinHttpRequest.5.1")
or
iHostConnect(tophandle, host, @HTTPS, "", "")

I have been trying both of the above  , Could someone maybe just give me some ideas, Its getting the CRT Key , I do not have enough Knowlegde took me long enough to create them with openssl..

Hope someone can get me started , then happy to experiment
Thanks

[td]

This works in Curl

curl -q -k --cert client-2048.crt --key client-2048.key https://xxxxxxx/api/certlogin -d "username=xxxxxxxx&password=xxxxxxxx" -H "X-Application: xxxxxxxxxxxxx"

But I would like to use Winbatch

oHTTP = CreateObject("WinHttp.WinHttpRequest.5.1")
or
iHostConnect(tophandle, host, @HTTPS, "", "")

I have been trying both of the above  , Could someone maybe just give me some ideas, Its getting the CRT Key , I do not have enough Knowlegde took me long enough to create them with openssl..

When you say 'Its getting the CRT key', which 'It' are you referring to.  If you are referring to the site, which method or methods other than cUrl successfully sends the certificate.  If you are referring to a method, are you referring to one of the methods other than cUrl?

[markgolay]

I think I worked out the Headers in Winbatch , but cant find a examples of how to send/Attached the key & crt SSL Certifcates (files) that where created with openssl, I have tested the SSL files with curl & this works correctly & returns a correct respone , but going around in circles in Winbatch or getting the correct http code to submit without using curl...

[td]

You can use the iOptionSet function's 'client_cert_context' option to set a certificate.  However, the option is poorly documented and I am not entirely sure that it actually works.  I do know that it will look for the certificate by the certificates 'subject' in the 'default' store ( the registry) so you will need to install it there.  You can use 'certmgr.msc' to make sure it is installed.  I am not entirely sure which logical stores are checked so you may need to experiment.

On the other hand, the 'WinHttp.WinHttpRequest' object has the  'SetClientCertificate' to set a certificate that should work with HTTPS.  The documentation can be found here

http://msdn.microsoft.com/en-us/library/windows/desktop/aa384055(v=vs.85).aspx

[markgolay]

Could really do this some examples of others that have achieved simply with openssl Http conection, as not getting anywhere , have read lots & getting know where , Would like to get this to work in winbatch & do not want to submit via curl... any working examples that I could play with would help me experiment

[td]

Try a search on 'SetClientCertificate' in your search engine of choice. There are multiple examples to explore.  I suspect that one of your issues is getting your certificate into a format that is acceptable to both the method and the server so that you don't have to specify both key and certificate when using 'SetClientCertificate'.  This is speculative but you might what to consider converting the certificate to the .pem format which can have both the public key and certificate chain embedded in the same file and is often used by open source software like openSSL. 

[td]

The Tech Database does contain a couple of sort-of-useful examples

http://techsupt.winbatch.com/webcgi/webbatch.exe?techsupt/nftechsupt.web+WIL~Extenders/WinInet+Require~Certificate~for~HTTPS~Downloads.txt