Page 1 of 2
					
				X.509 Certificate
				Posted: Wed Sep 19, 2012 6:55 am
				by gradosic
				Did anyone ever try to create and sing .XML file with X.509 v3 certificate. In our country next year all documents created from user apps needs to be signed with this certificate and send via SOAP to government (invoices, paychecks, etc...).  Does xBase support something like this ?
			 
			
					
				Re: X.509 Certificate
				Posted: Wed Sep 19, 2012 7:19 am
				by rdonnay
				it appears that X.509 is a type of SSL certificate that can be generated with OpenSSL.
I see no reason why XML or SOAP that is generated with Xb2.Net cannot also include such a certificate.
I don't know any of the details but I feel strongly that it can be done with Xbase++.
Do you already use Xb2.Net for your SOAP or XML projects?
To see more about SSL look at \exp19\stunnel.
			 
			
					
				Re: X.509 Certificate
				Posted: Wed Sep 19, 2012 7:28 am
				by gradosic
				Roger, till now I had never use soap... 
 
 
I need to study everything becaouse till now I never work with any certificates...
 
			
					
				Re: X.509 Certificate
				Posted: Wed Sep 19, 2012 8:44 am
				by rdonnay
				Do you own Xb2.Net?
			 
			
					
				Re: X.509 Certificate
				Posted: Wed Sep 19, 2012 10:48 am
				by gradosic
				Roger,
No, I don't own xb2net. That is no problem if I can solve this issue with xb2net. Currently I own Alaska pro sub. and express, and I currently create XML with xbase.
			 
			
					
				Re: X.509 Certificate
				Posted: Wed Sep 19, 2012 12:48 pm
				by rdonnay
				You can probably do the soap calls without Xb2.Net (using Asinet) but it's a lot more work.
			 
			
					
				Re: X.509 Certificate
				Posted: Thu Sep 20, 2012 11:26 am
				by patito
				HI
 There is some more code that shows how you could create your own RSA keys and create a self-signed X.509 certificate from them. 
http://www.cryptosys.net/pki/
Wrapper using ot4xb, is not necessary xb2net
The dll of CryptoSys is excellent, it includes openssl and others
#xtranslate X509_GetCertFromPFX([<params,...>]) =>;
            FpQCall({"diCrPKI","X509_GetCertFromPFX" },"__sl__pt__pt__pt__sl"[,<params>])
Another alternative is to use Capicom  of microsoft
Best Regard
Hector
 
			
					
				Re: X.509 Certificate
				Posted: Thu Sep 20, 2012 11:43 am
				by gradosic
				Thank you Hector,
Do you have any similar expirience with this?   b2net look simpler and faster.
			 
			
					
				Re: X.509 Certificate
				Posted: Thu Sep 20, 2012 1:07 pm
				by patito
				Hi
Creating digital signatures in XML documents (XML-Dsig) using the standards for electronic invoices 
The most important thing to see the regulations that it exists in his country
To develop a system to sign invoices electronics has his
complexities
My system uses xml type text, also the wrapper of the dll cryptosys that is excellent, and his price
very reasonable
cDocumento  = [<?xml version="1.0" encoding="ISO-8859-1"?>] +NL
cDocumento += [<DTE version="1.0" >]+NL+repl(TAB,1)
cDocumento += [<Documento ID=]+cDoc+[>] +NL+repl(TAB,2)
more additional functions of the activex , special to search , insert or to replace
or sign xml-dsig , 
oDom := CREATEOBJECT("msxml2.DOMDocument.5.0")
    if oDom = Nil
         oDom := CREATEOBJECT("msxml2.DOMDocument.4.0")
    endif
and for soap use this class which can locate it at the end of this link
oHttp := TServerXMLHTTPRequest():New()
http://bb.donnay-software.com:8080/phpB ... ?f=9&t=548
if you have difficulties with the soap, use the tool soapui that is free and  will find her in the web
Best Regard
Hector
 
			
					
				Re: X.509 Certificate
				Posted: Thu Sep 20, 2012 1:21 pm
				by gradosic
				Thank you,
I still can't test anything because we just got certificates for testing but government didn't start server yet. I will try this way and put results on board if success.