May be some of you already got stuck with the problem about xml http calls, vbscript and secured websites with certificate problems – the others surely will… There are some problems occurring right often. For example the host name does not match the subject name of the certificate or the certificate is not valid (yet) or the certificate’s chain is broken. Here you can see 2 of those errors:
Error 80072F0D in msxml3.dll: The certificate authority is invalid or incorrect
Error 80072F06 in msxml3.dll: The host name in the certificate is invalid or does not match
When opening such a page in Internet Explorer you will see that the browser wants to prevent you from opening that page. But you can go on by selecting “Continue to the website…”. In vbscript this is also possible. Here you’ll need to add an option to your xml http request like this:
Set objXmlHttp = CreateObject("Msxml2.ServerXMLHTTP") objXmlHttp.setOption 2, 13056 'http://msdn.microsoft.com/en-us/library/ms763811(v=VS.85).aspx objXmlHttp.open "GET", "https://urlwithcertificateerror", False objXmlHttp.send wscript.echo objXmlHttp.responseText Set objXmlHttp = Nothing
The important part is this one:
objXmlHttp.setOption 2, 13056 'http://msdn.microsoft.com/en-us/library/ms763811(v=VS.85).aspx
It tells the xmlhttp object to ignore any certificate errors and to continue downloading the page. There are some more options you can set using the setoption function, e.g. overriding the codepage or change the handling of % characters.
Please note that the value of 13056 means that ALL errors regarding certificates are ignored. There are some more values you can set to get more control on what will be ignored and what won’t, e.g.:
SXH_SERVER_CERT_IGNORE_UNKNOWN_CA = 256 Unknown certificate authority SXH_SERVER_CERT_IGNORE_WRONG_USAGE = 512 Malformed certificate such as a certificate with no subject name. SXH_SERVER_CERT_IGNORE_CERT_CN_INVALID = 4096 Mismatch between the visited hostname and the certificate name being used on the server. SXH_SERVER_CERT_IGNORE_CERT_DATE_INVALID = 8192 The date in the certificate is invalid or has expired. SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS = 13056 All certificate errors.
More information about setting and getting options, about these values and options not mentioned here can be found at http://msdn.microsoft.com/en-us/library/ms753798(v=vs.85).aspx