SSL support for Windows

Mar 25, 2013 at 11:22 PM
Hi,
I was wondering if the support for ssl for windows is planned? If so, what time frame are we looking at?

Thanks,
Jaimin
Mar 25, 2013 at 11:25 PM
Jaimin,

HTTP over SSL is already supported on Windows. Are you having trouble making it work?

Niklas
Mar 25, 2013 at 11:29 PM
Yes, I am trying to request a HTTPS Url, but I am getting an exception, whereas I can call the server by a HTTP request.

Jaimin
Mar 25, 2013 at 11:30 PM
What does the exception say?
Mar 25, 2013 at 11:37 PM
Exception : "A certificate is required to complete client authentication"
How do I add the certificate to the request?
Mar 25, 2013 at 11:41 PM
Aha!

This sounds like an indication that the server is looking for a client-side certificate, which we don't support (it's on our short list of things to do next). We currently only support the normal server-side SSL certificates. Can you confirm that the server is, indeed, set up to require a client certificate (if it isn't, then there's some other problem that we need to track down for you).

Thanks,

Niklas
Mar 26, 2013 at 12:17 AM
Oh, I just confirmed that the server requires client side certificates, but is there a way to disable it as we do in a curl command by the --insecure flag?
Mar 27, 2013 at 4:51 PM
Unfortunately, I'm not familiar with what the "insecure" flag on curl does underneath the covers to circumvent a client-cert requirement. Casablanca does not have anything similar at this time.

Niklas
Mar 27, 2013 at 7:24 PM
Mar 27, 2013 at 7:54 PM
Yes, WinHTTP certainly has everything necessary to deal with client-side certificates, and it's on our short list to do something with it.

One thing you may try (but it requires building your own Casablanca binaries) would be to support optional client-side certificates, which should be fairly straight-forward.

Niklas
Apr 2, 2013 at 12:06 AM
The client side certification is no more required by the service, and the call to the service is smooth. Great work by the casablanca team!! Looking forward to new updates :)

Jaimin
Sep 25, 2013 at 9:29 AM
niklasgu wrote:
Yes, WinHTTP certainly has everything necessary to deal with client-side certificates, and it's on our short list to do something with it.

One thing you may try (but it requires building your own Casablanca binaries) would be to support optional client-side certificates, which should be fairly straight-forward.

Niklas
Hi, I need to use client-side certificate authentication over HTTPS. This feature was into the march shortlist, what's about now? I can't found this feature. Can you help me?
Coordinator
Sep 28, 2013 at 11:40 PM
Hi LeonidCSIT,

We have not added support for client side certificates yet. Yes we have been aware of this feature, but haven't started any work on it. I can't make any guarantees on when we will get to implementing it. You could take a look at adding the feature, if you are working on Windows desktop this might help you getting started.

Thanks,
Steve
Jul 9, 2015 at 5:22 PM
Hi! Have you folks implemented support for providing client certificates?

Above I read this "This sounds like an indication that the server is looking for a client-side certificate, which we don't support (it's on our short list of things to do next)", so it might be a possibility that you already implemented it.
Coordinator
Jul 9, 2015 at 7:54 PM
Hi carlosscastro,

No we haven't and it isn't currently on the schedule. That comment is from a couple of years ago. You can however use client certificates by accessing the underlying native platform handle. I believe you are looking to do so on Windows desktop, there are several discussion threads illustrating how this can be done. Take a look here and here.

Steve