SQL Server
SQL Server
Use Installed Cert on Windows for TLS Client Authentication
See more HTTP Examples
Demonstrates how to use a certificate that has already been installed on a Windows PC for TLS client authentication.Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
DECLARE @iTmp0 int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- This example requires the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
DECLARE @http int
EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
-- On Windows, a pre-installed certificate can be loaded in a number of different ways.
-- This example loads by the common name:
DECLARE @cert int
EXEC @hr = sp_OACreate 'Chilkat.Cert', @cert OUT
EXEC sp_OAMethod @cert, 'LoadByCommonName', @success OUT, 'My ECA Medium Assurance Identity Certificate'
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @cert, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @cert
RETURN
END
-- Make sure this certificate has a private key available.
-- It should be a private key such that when the certificate was installed, it was marked as "exportable"
-- so that authorized programs are able to access the private key.
EXEC sp_OAMethod @cert, 'HasPrivateKey', @iTmp0 OUT
IF @iTmp0 <> 1
BEGIN
PRINT 'A private key is needed for TLS client authentication.'
PRINT 'This certificate has no private key.'
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @cert
RETURN
END
-- Set the certificate to be used for mutual TLS authentication
-- (i.e. sets the client-side certificate for two-way TLS authentication)
EXEC sp_OAMethod @http, 'SetSslClientCert', @success OUT, @cert
IF @success <> 1
BEGIN
EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @cert
RETURN
END
-- At this point, the HTTP object instance is setup with the client-side cert, and any SSL/TLS
-- connection will automatically use it if the server demands a client-side cert.
EXEC @hr = sp_OADestroy @http
EXEC @hr = sp_OADestroy @cert
END
GO