RE: HTTPS connections

Rick what Scott is saying is 99% the reason you cannot connect to someone via HTTPS, you just don't trust their issuing (root) certificate chain.

When looking at certificates, you have the one used to identify the web site, the one that generate that certificate and sometimes another one that signed the signing certificate
Root => Intermediate=> identifying

Use your desktop browser to go to the web site and then click on the lock (I am using chrome in this example) and select the certificate path tab. You will need the top level certificate in your certificate store and all the intermediate certificates. The bottom level certificate that identifies the URL is not required. Again start importing from the top level and work your way down. I have seen as many as 4 levels.

Chris Bipes
Director of Information Services
CrossCheck, Inc.
-----Original Message-----
From: MIDRANGE-L <midrange-l-bounces@xxxxxxxxxxxxxxxxxx> On Behalf Of Scott Klement
Sent: Friday, June 25, 2021 12:54 PM
To: midrange-l@xxxxxxxxxxxxxxxxxx
Subject: Re: HTTPS connections

Hi Rick,

What you are describing is actually the default behavior. HTTPAPI does not send a certificate unless you set up an application identifier in the digital certificate manager, and then configure that app id for a client certificate.

The use of clients-side certificates is unusual.

Please be sure you are not confusing client-side certificates with CA certificates. :-)  If you are thinking that they are required, it is more likely that you are thinking of CA certificates.

-SK