|
You need client certs in HTTP? I've never heard of that requirement. At any rate, client certs are part of SSL, not part of HTTP. You don't encode them in the HTTP header, but rather you put them in the SSL handshake. Although I haven't tested it, my HTTPAPI should already do that if you assign a client certificate to the application in the digital certificate manager. Have you considered using HTTPAPI (or similar) solution instead of writing the HTTP code yourself? http://www.scottklement.com/httpapi/ On Sat, 25 Oct 2003, Peter Connell wrote: > Using sockets in RPGLE to send an HTTP request to a remote HTTP server > has long been standard fare. Using SSL sockets proved a little more > difficult with much thanks to some sample RPGLE code from Barbara Morris > a couple of years ago. > > It is also clear how to embed base64 encoded authentication details into > the HTTP header for connection to sites that require Basic > Authentication. But does anyone know how to accomodate a site that > requires a client certificate for authentication. I did a brief google > search for RFCs on this but they prove to be tiresome. > > I would like to think that it's as simple as knowing the correct HTTP > directives to embed the header and then just copy in the client > certificate directly from where it is stored on the IFS but that may be > wishful thinking. It would be also be nice to be able to dump a > communication trace for such a request but it is unfortunately > unreadable since it is encrypted. I presume that would also be the case > for some tool that might expose the header when using a browser to > connect. > > Finding info on this stuff seems like looking for a needle in a haystack. > Can anyone help? >
As an Amazon Associate we earn from qualifying purchases.
This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].
Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.