|
Chilkat • HOME • .NET Core C# • Android™ • AutoIt • C • C# • C++ • Chilkat2-Python • CkPython • Classic ASP • DataFlex • Delphi ActiveX • Delphi DLL • Go • Java • Lianja • Mono C# • Node.js • Objective-C • PHP ActiveX • PHP Extension • Perl • PowerBuilder • PowerShell • PureBasic • Ruby • SQL Server • Swift 2 • Swift 3,4,5... • Tcl • Unicode C • Unicode C++ • VB.NET • VBScript • Visual Basic 6.0 • Visual FoxPro • Xojo Plugin
(SQL Server) HTTP - Verify Server is a Trusted Root CADemonstrates how to only allow connections to an HTTP server having a certificate with a root that is in our list of trusted CA root certificates.
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls. -- CREATE PROCEDURE ChilkatSample AS BEGIN DECLARE @hr int DECLARE @iTmp0 int -- Important: Do not use nvarchar(max). See the warning about using nvarchar(max). DECLARE @sTmp0 nvarchar(4000) -- Starting in v9.5.0.49, all Chilkat classes can be unlocked at once at the beginning of a program -- by calling UnlockBundle. It requires a Bundle unlock code. DECLARE @chilkatGlob int -- Use "Chilkat_9_5_0.Global" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Global', @chilkatGlob OUT IF @hr <> 0 BEGIN PRINT 'Failed to create ActiveX component' RETURN END DECLARE @success int EXEC sp_OAMethod @chilkatGlob, 'UnlockBundle', @success OUT, 'Anything for 30-day trial.' IF @success <> 1 BEGIN EXEC sp_OAGetProperty @chilkatGlob, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @chilkatGlob RETURN END -- On my particular system, the root CA cert for this URL is not pre-installed. -- Note: This may be different for you. -- Also, this example was written on 29-May-2015. This URL was valid at the time, -- but may not be valid at a future date. DECLARE @url nvarchar(4000) SELECT @url = 'https://animals.nationalgeographic.com/animals/invertebrates/starfish/' DECLARE @http int -- Use "Chilkat_9_5_0.Http" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT -- Require that the SSL/TLS server certificate is not expired, -- and that the certificate signature is valid. -- This does not ensure that it has a chain of authentication to -- a trusted root. To ensure that, the TrustedRoots object (below) is required. EXEC sp_OASetProperty @http, 'RequireSslCertVerify', 1 -- Do the HTTPS page fetch (through the SSH tunnel) DECLARE @html nvarchar(4000) EXEC sp_OAMethod @http, 'QuickGetStr', @html OUT, @url EXEC sp_OAGetProperty @http, 'LastMethodSuccess', @iTmp0 OUT IF @iTmp0 <> 1 BEGIN EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 EXEC @hr = sp_OADestroy @chilkatGlob EXEC @hr = sp_OADestroy @http RETURN END PRINT 'The HTTP GET was successful.' -- Now let's require that HTTP requests to SSL/TLS servers that don't have trusted CA roots -- should fail. DECLARE @trustedRoots int -- Use "Chilkat_9_5_0.TrustedRoots" for versions of Chilkat < 10.0.0 EXEC @hr = sp_OACreate 'Chilkat.TrustedRoots', @trustedRoots OUT -- Indicate that we will trust any pre-installed certificates on this system. -- (The meaning of pre-installed certificates depends on the operating system, and in -- some environments there is no such thing as pre-installed certificates. See the reference -- documentation for the TrustedRoots class.) EXEC sp_OASetProperty @trustedRoots, 'TrustSystemCaRoots', 1 -- Activate the trusted roots globally for all Chilkat objects. -- This call really shouldn't fail, so we're not checking the return value. EXEC sp_OAMethod @trustedRoots, 'Activate', @success OUT -- Given that our previous HTTP GET likely kept the connection open, -- make sure that all HTTP connections are closed before re-trying. -- Otherwise, we'll simply be re-using the pre-existing connection. EXEC sp_OAMethod @http, 'CloseAllConnections', @success OUT -- Now let's try fetching the URL again. It should fail this time because -- there is a requirement that the SSL/TLS server certificate must have a trusted root, -- and the trusted root for this URL is not installed on my system (but may be different for you..) EXEC sp_OAMethod @http, 'QuickGetStr', @html OUT, @url EXEC sp_OAGetProperty @http, 'LastMethodSuccess', @iTmp0 OUT IF @iTmp0 <> 1 BEGIN EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 PRINT 'Good, the HTTP request failed as expected.' END ELSE BEGIN EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT PRINT @sTmp0 PRINT 'Hmmm... we did not fail as expected?' END EXEC @hr = sp_OADestroy @chilkatGlob EXEC @hr = sp_OADestroy @http EXEC @hr = sp_OADestroy @trustedRoots END GO |
||||
© 2000-2024 Chilkat Software, Inc. All Rights Reserved.