Ok. Now I have upgraded to Powerbuilder 2022.
I have used of one of the examples listed in the page https://docs.appeon.com/pb2022/powerscript_reference/SetClientCert_func.html
(See below, at the end of this message, please.)
The variable ls_certSN received the serial number of my certificate and ls_certIssue received the entity that signed the certificate, as shown in the image attached to this message.
(In fact, what I expected was that the application called a pop up window listing the available certificates so that I could choose one, instead of hard-coding it in the script, but, since I could not figure out how to do it, I followed dutifully the instructions to achieve my first success, but it didn't work.)
I tried all the options presented for "store name"
-
"MY" -- The certificate store for personal certificates.
-
"Root" -- The certificate store for trusted root certificate authorities (CAs).
-
"Trust" -- The certificate store for directly trusted people, resources, and publishers.
-
"CA" -- The certificate store for intermediate certificate authorities (CAs).
None of them worked. The error was always "-2 -- Failed to import certificate or the specified certificate is not found."
httpClient l_httpclient
String ls_urlName &
, ls_ResPonse &
, ls_certSN &
, ls_certIssue
integer ln_rtn
l_httpclient = Create httpClient
ls_urlName = "https://webservices.consulta.esocial.gov.br/servicos/empregador/consultarloteeventos/WsConsultarLoteEventos.svc"
ln_rtn = l_httpclient.SendRequest("GET", ls_urlName)
ls_certSN = "7e0e209878604451"
ls_certIssue = 'CN = AC SOLUTI Multipla v5~r~n OU = AC SOLUTI v5d~r~n O = ICP-Brasil~r~n C = BR'
If ln_rtn = -16 Then
l_httpclient.anonymousAccess = false
ln_rtn = l_httpclient.SetClientCert("Trust", ls_certSN, ls_certIssue);
ln_rtn = l_httpclient.SendRequest("GET", ls_urlName)
End If
Some sites can make your certification testing process easier. E.g.: https://badssl.com
You can download the client certification (badssl.com-client.p12) from https://badssl.com/download/, and install it. Then verify it again.
ls_certSN = "0098f5669f18f5fc93"
ls_certIssue = 'CN = BadSSL Client Root Certificate Authority~r~nO = BadSSL~r~nL = San Francisco~r~nS = California~r~nC = US'
ln_rtn = l_httpclient.SetClientCert("MY", ls_certIssue, ls_certSN);
ln_rtn = l_httpclient.SendRequest("GET", "https://client.badssl.com/")
If still not solved, please report your issue via our support ticketing system to ensure it is being properly received by our tech support and tracked at: https://www.appeon.com/standardsupport/
Regards, Logan
We probably are not talking about the same thing.
When we use a usb (PKI) token, the password/pin (as far as I know) is not saved in the Windows' store. The authentication needs to use the software provided by the company that issues the certificate (in my case, Soluti).
This doesn't seem to be the same thing as using a p12 file, wich holds the private key of the certificate.
As far as I know (and I have to advise that I am NOT an expert), in the case of a PKI usb token, the private key is kept safe inside the USB media.
I am already looking for other alternatives (like Chilkat). But I will report this issue via support ticket, anyway.
Thank you,