SQL Server
SQL Server
Require SSL Server Certificate Domain Match
See more HTTP Examples
Demonstrates how to require that the SSL server certificate's domain matches the intended domain.Chilkat SQL Server Downloads
-- Important: See this note about string length limitations for strings returned by sp_OAMethod calls.
--
CREATE PROCEDURE ChilkatSample
AS
BEGIN
DECLARE @hr int
DECLARE @iTmp0 int
-- Important: Do not use nvarchar(max). See the warning about using nvarchar(max).
DECLARE @sTmp0 nvarchar(4000)
DECLARE @success int
SELECT @success = 0
-- This example assumes the Chilkat API to have been previously unlocked.
-- See Global Unlock Sample for sample code.
DECLARE @http int
EXEC @hr = sp_OACreate 'Chilkat.Http', @http OUT
IF @hr <> 0
BEGIN
PRINT 'Failed to create ActiveX component'
RETURN
END
-- Call SetSslCertRequirement to require that the SSL server certificate's domain
-- matches only the domain we are intending to communicate with.
-- In this example we will test with the URL https://wrong.host.badssl.com/
-- which intentionally has an SSL certificate that does not match "wrong.host.badssl.com"
EXEC sp_OAMethod @http, 'SetSslCertRequirement', NULL, 'SAN', 'wrong.host.badssl.com'
-- Also validate the server cert..
EXEC sp_OASetProperty @http, 'RequireSslCertVerify', 1
-- Try sending the request. It should fail within the SSL/TLS handshake
-- because the server's certificate does not match the domain "wrong.host.badssl.com"
DECLARE @html nvarchar(4000)
EXEC sp_OAMethod @http, 'QuickGetStr', @html OUT, 'https://wrong.host.badssl.com/'
EXEC sp_OAGetProperty @http, 'LastMethodSuccess', @iTmp0 OUT
IF @iTmp0 = 0
BEGIN
EXEC sp_OAGetProperty @http, 'LastErrorText', @sTmp0 OUT
PRINT @sTmp0
END
ELSE
BEGIN
PRINT 'Unexpected success.'
END
EXEC @hr = sp_OADestroy @http
END
GO