May be some of you already got stuck with the problem about xml http calls, vbscript and secured websites with certificate problems – the others surely will… There are some problems occurring right often. For example the host name does not match the subject name of the certificate or the certificate is not valid (yet) or the certificate’s chain is broken. Here you can see 2 of those errors:
Error 80072F0D in msxml3.dll: The certificate authority is invalid or incorrect
Error 80072F06 in msxml3.dll: The host name in the certificate is invalid or does not match
When opening such a page in Internet Explorer you will see that the browser wants to prevent you from opening that page. But you can go on by selecting “Continue to the website…”. In vbscript this is also possible. Here you’ll need to add an option to your xml http request like this:
The important part is this one:
objXmlHttp.setOption 2, 13056 ‘http://msdn.microsoft.com/en-us/library/ms763811(v=VS.85).aspx
It tells the xmlhttp object to ignore any certificate errors and to continue downloading the page. There are some more options you can set using the setoption function, e.g. overriding the codepage or change the handling of % characters.
Please note that the value of 13056 means that ALL errors regarding certificates are ignored. There are some more values you can set to get more control on what will be ignored and what won’t, e.g.:
SXH_SERVER_CERT_IGNORE_UNKNOWN_CA = 256
Unknown certificate authority
SXH_SERVER_CERT_IGNORE_WRONG_USAGE = 512
Malformed certificate such as a certificate with no subject name.
SXH_SERVER_CERT_IGNORE_CERT_CN_INVALID = 4096
Mismatch between the visited hostname and the certificate name being used on the server.
SXH_SERVER_CERT_IGNORE_CERT_DATE_INVALID = 8192
The date in the certificate is invalid or has expired.
SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS = 13056
All certificate errors.
More information about setting and getting options, about these values and options not mentioned here can be found at http://msdn.microsoft.com/en-us/library/ms753798(v=vs.85).aspx
Bravo ! Tu as fourni la réponse à mon problème ! Merci
Great ! ^^
This is exactly what I was loikong for. Thanks for writing!
as Murphy stated before , you’ll find an answer in last place searched , and I searched a lot of places
thank you very much
i love you guy!
thank you so much!!!
Thank you so much! Solved my problem.
It has certainly worked. However I am concern on security on url, is it accept message/request without certificate or any security gates?
Brilliant! Just what we needed to resolve an issue with sending an xml doc to a 3rd party web service.
Thank you so much…my problem is solved…Really super the way you answer the solution is good.
This worked. Thanks
Thanks, saved me a lot of time and head scratching trying to work out what was going on.
Depends on your code ;)
mmm.. Is there any similar mechanism for Linux? My STB device is runnig on Linux.
thanks a lot for documenting this.
But if you use Msxml2.XMLHTTP no easy option to bypass ssl warnings…
As far as I know, there is no possibility to bypass ssl errors at all using Msxml2.XMLHTTP.
I LOVE YOUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU
You just resolved months of back and forth between me and my host, who was totally clueless. Thank you so much for posting this!
Thanks a lot! The information you posted here works for me.
Thanks a lot .. working for me
Still looking at this. For the servers that don’t have the lower versions of xmlhttprequest installed, you’re out of luck. After all, it’s not called xmlhttpsrequest.
If anyone knows a workaround on a modern server, please post.
I had to change from using this MSXML2.XMLHTTP.3.0 because it said the setOption didn’t exist, but it worked. thanks! Is this possible with MSXML2.XMLHTTP.3.0? Just in case there is a reason I need to switch back. I’m not familiar with what the difference is. I just need the issue fixed and it is. It started after some major network security changes.