Getting around SSL/HTTPS Errors
Many Web Services operate using SSL and frequently you have to deal with non-production servers that either have invalid certificates or require client certificates. There are two scenarios when dealing with certificate errors: Service Generation and Generated Service Operation.
The most common problems are the first two. For an expired certificate there's no workaround - you have to ignore the error. For required client certificates you need to install the client certificate - the provider has to provide one to you.
Certificate Errors are serious
You should think long and hard about whether you want to ignore certificate errors as certificates are there for a reason usually and are meant to protect and validate access. By ignoring certificate errors you are bypassing the validation. Ultimately you should work with the service provider to fix the certificate or provide you the appropriate client certificate or configuration required to make a certificate work properly. The workarounds offered here are meant as a last resort only.
Ignoring Certificate Errors on Generated Proxies
The generated .NET Proxies include a method called IgnoreCertificateErrors() that does just as the name suggests - it ignores certificate errors and lets you proceed. To use this method:
loProxy = CREATEOBJECT("MyWebServiceProxy")
loProxy.oService.IgnoreCertificateErrors()
* ... go on with proxy use
Dealing with Certificate Errors in the Proxy Generator
The proxy generator can ignore some certificate errors, but will fail on others. Unfortunately there's no full control mechanism over the .NET Import mechanism so if you get a certificate error during actual WSDL parsing and code generation there's nothing that can be done to ignore the errors outright.
There are a couple of workarounds you can use however.
Trust the Certificate by installing it
Certificates are trust operations and if you hit a certificate that doesn't match your installed trusted sources in the certificate store you can install the certificate and set it to be trusted. To do this browse to the WSDL document with Internet Explorer which will give you a certificate warning. Ignore the certificate error which should let you see the WSDL document. Right click and choose properties from the shortcut menu, then click on Certificates, then click on install certificate.
Copy the WSDL Document to a File on Disk
If the WSDL file is a single, self contained document (ie. it doesn't include external schema download references), you can also open the certificate in your browser by bypassing the warnings and displaying the WSDL in the browser. Use View Source to get at the raw XML output from the page and save that to a file on disk. Then when you use the Proxy Generator, instead of typing in the URL type in the file path to the saved WSDL document.
© West Wind Technologies, 2004-2020 • Updated: 09/29/15
Comment or report problem with topic