https using httpendpoint

Xbase++ 2.0 Build 554 or later
Post Reply
Message
Author
User avatar
rdonnay
Site Admin
Posts: 4868
Joined: Wed Jan 27, 2010 6:58 pm
Location: Boise, Idaho USA
Contact:

https using httpendpoint

#1 Post by rdonnay »

Has anyone been successful in creating a .PFX file for use with httpendpoint:setCertificateFromFile() ?
The eXpress train is coming - and it has more cars.

Diego Euri Almanzar
Posts: 181
Joined: Thu Nov 05, 2020 10:51 am
Location: DOMINICAN REPUBLIC

Re: https using httpendpoint

#2 Post by Diego Euri Almanzar »

Hello Roger

Thanks in advance for your help. I was investigating, and I think it is easier, if I point to a document, or a certificate, through the following sentence:

:setCertificateFromFile( <cFilename>[, cPassword] ) --> lSuccess

In a few days, I will get my own certificates, bought by me. They are web certificates, which I must use to certify myself in the Electronic Billing project of my country. And, obviously, since they are my property, I can use them for my new Web program, developed with CXP, Xbase++, and Express.

After I have done the tests, I will give you the results.

User avatar
rdonnay
Site Admin
Posts: 4868
Joined: Wed Jan 27, 2010 6:58 pm
Location: Boise, Idaho USA
Contact:

Re: https using httpendpoint

#3 Post by rdonnay »

I finally got it to work after I created a .PFX certificate using OpenSSL. The .P12 certificate would cause runtime errors when loading on any OS earlier than Windows 10. Here are the commands required for making the .PFX file:

REM This command creates a "self-signed" certificate named TaxiFleetNYC.PEM and TaxiFleetNYC.KEY
openssl req -nodes -newkey rsa:2048 -x509 -days 365 -config openssl.cnf -out TaxiFleetNYC.pem -keyout TaxiFleetNYC.key

REM This command creates a PKCS#12 certificate named TaxkFleetNYC.pfx from the TaxiFleetNYC.PEM and TaxiFleetNYC.KEY
openssl.exe pkcs12 -keypbe PBE-SHA1-3DES -certpbe PBE-SHA1-3DES -export -in TaxiFleetNyc.pem -inkey TaxiFleetNyc.Key -out TaxiFleetNyc.pfx
The eXpress train is coming - and it has more cars.

Diego Euri Almanzar
Posts: 181
Joined: Thu Nov 05, 2020 10:51 am
Location: DOMINICAN REPUBLIC

Re: https using httpendpoint

#4 Post by Diego Euri Almanzar »

Hello Roger.

Excellent Roger, great as always. I am still waiting for my digital certificates. The company I bought them from, will deliver them to me via a link, during the course of today. Which are certificates with extension P12. I know, because they have already been delivered to my colleagues or classmates, and they are P12. However, with the example you just gave me, I already have other great options.

If the certificates work for me, I can continue with the httpendpoint server and the standalone mode. With Windows IIS, I can upload PDF with any library, or HTML command. But, there are multiple drawbacks. Contrary to the standalone mode, in which I only have the inconvenience of uploading PDF documents. Therefore, I prefer httpendpoint – standalone.

Thank you so much

Diego Euri Almanzar
Posts: 181
Joined: Thu Nov 05, 2020 10:51 am
Location: DOMINICAN REPUBLIC

Re: https using httpendpoint

#5 Post by Diego Euri Almanzar »

Hello Roger

I tried to create a certificate, and the first thing I have to create is a file with the key. However, when it's time to type the key, the keyboard locks, not allowing me to type anything, I've been trying for several days. I attach an image with the place where it stops.

About this task
This procedure is valid for all operating systems that are supported by OpenSSL.
Procedure
1. Open the command line.
2. Create a new private key in the PKCS#1 format.

openssl genrsa -des3 -out key_name.key key_strength

For example:
openssl genrsa -des3 -out private_key.key 2048

I repeat, what I want is to be able to type the key, but the keyboard crashes when I try to type the key, which will be inside the .key file

I hope that you or any member of this honorable forum can help me.

Thank you.
Attachments
CERKEY.jpg
CERKEY.jpg (61.78 KiB) Viewed 41300 times

Diego Euri Almanzar
Posts: 181
Joined: Thu Nov 05, 2020 10:51 am
Location: DOMINICAN REPUBLIC

Re: https using httpendpoint

#6 Post by Diego Euri Almanzar »

Hello Roger

Finally, I managed to create a Pfx. The steps were the following:
1. openssl genrsa -out simple123.key 2048
2. openssl req -new -key simple123.key -out almost done
3. openssl x509 -req -days 365 -in casilisto.csr –signkey simple123.key –out wmacecert.cert
4. openssl pkcs12 -export -out wmacepfx.pfx -inkey simple123.key -in wmacecert.cert

Next, openssl asks for a new key. The key must be written even if the cursor does not move. That confuses because one thinks that openssl is not working. I reiterate, you have to write the password even if the cursor does not respond. After typing the key, you must press Enter. Openssl will ask for the key again for confirmation.

Now, after creating the certificate, I used it in cxpendpoint and it was successful because it didn't give me an error, if I load returning true. Different than when I use p12. Cxpendpoint returns false when I load p12.

However, now the matter has become much more complicated because my cxp pages no longer run, no longer run, after adding the certificate.

Retval := oHttp:setCertificateFromFile("C:\mycerts\wmacepfx.pfx","kepler1989296")

After adding the above, I can't use the cxp. It gives an error if I put port 81, as well as port 443
The error in the browser is as follows:

Cannot access this website
The connection has been reestablished.
Try to:
• Check the connection
• Check proxy and firewall
• Run Windows Network Diagnostics
ERR_CONNECTION_RESET

Roger, help me with this, please.

Thank you.

User avatar
rdonnay
Site Admin
Posts: 4868
Joined: Wed Jan 27, 2010 6:58 pm
Location: Boise, Idaho USA
Contact:

Re: https using httpendpoint

#7 Post by rdonnay »

I don't know that I can help you because I had the same problem with my certificate.

I finally gave up. We decided we could live without https for this particular requirement.
It was too much of a headache.
The eXpress train is coming - and it has more cars.

Post Reply