Hi OpenEdge folks,
I've got a working curl command which calls an REST api and returns some json. The format is :
curl --cert ./mycert.pem:Password123 -H "Content-Type: application/json" -X POST -d '{"username":"xyz","password":"xyz"}' https://someapi.com/getcustomerlist
The PEM certificate has a password that goes along with it.
Has anyone done a similar call but natively in OE? If so, how did you handle the PEM & password?
Many thanks,
Dave
Well, there is a HTTP client written in 4GL, but if I remember correctly this doesn't support client side certificates. HTTP support in the 4GL is, how can I say this, somewhat crude.
See also: knowledgebase.progress.com/.../P186047
Yeas... I have the HTTP client working well, but when it came to the certificate side of things, there was no info about it.
Thank you for the reply.
As Bronco says, the ABL client socket doesn't support client-side sockets.
to use SSL cert in general use the OPenEdge certutil and certificate stores (see documentation.progress.com/.../managing-openedge-key-and-certificate-stores.html )
Technically this uses .Net Libraries so is Windows only but this is something like what you have to do:
----------------------------------------------
METHOD PUBLIC CHARACTER getRequest(INPUT lcPayLoad AS LONGCHAR, INPUT pcURL AS CHARACTER, INPUT pcContentType AS CHARACTER ):
DEFINE VARIABLE RESULT AS CHARACTER NO-UNDO.
DEFINE VARIABLE clsCertificate AS CLASS X509Certificate2 NO-UNDO.
DEFINE VARIABLE clsPostreq AS HttpWebRequest NO-UNDO.
DEFINE VARIABLE clsPostResponse AS HttpWebResponse NO-UNDO.
DEFINE VARIABLE sbPayLoad AS "System.Byte[]" NO-UNDO.
DEFINE VARIABLE clsPostReqstream AS Stream NO-UNDO.
DO ON ERROR UNDO, THROW:
sbPayLoad = UTF8Encoding:Default:GetBytes(lcPayLoad).
clsPostreq = NEW HttpWebRequest().
clsPostreq = CAST(WebRequest:Create(pcURL),HttpWebRequest).
clsPostreq:Method = "POST".
IF UseClientCertificate THEN
DO:
clsCertificate = NEW X509Certificate2(CertificatePath,CertificatePassword).
clsPostreq:ClientCertificates:Add(clsCertificate).
clsPostreq:PreAuthenticate = TRUE.
END.
clsPostreq:ContentType = pcContentType.
clsPostReqStream = clsPostreq:GetRequestStream().
clsPostReqStream:write(sbPayLoad,0,sbPayLoad:Length).
clsPostReqStream:Close().
clsPostResponse = CAST(clsPostReq:GetResponse(),HttpWebResponse).
StatusCode = STRING(clsPostResponse:StatusCode:value__).
StatusDescription = clsPostResponse:StatusDescription.
IF DebuggingOn THEN
MESSAGE clsPostResponse:StatusCode:value__ SKIP clsPostResponse:StatusDescription
SKIP clsPostResponse:Headers["status"]
VIEW-AS ALERT-BOX.
RESULT = STRING(clsPostResponse:StatusCode:value__).
END.
RETURN RESULT.
CATCH NetErrorObject AS System.Net.WebException:
DEFINE VARIABLE resp AS HttpWebResponse.
resp = CAST(NetErrorObject:Response,HttpWebResponse).
IF DebuggingOn THEN
MESSAGE resp:StatusCode:value__ SKIP NetErrorObject:Message
VIEW-AS ALERT-BOX.
StatusCode = STRING(resp:StatusCode:value__).
StatusDescription = resp:StatusDescription + CHR(13) + NetErrorObject:Message .
RETURN STRING(resp:StatusCode:value__).
END CATCH.
CATCH ErrorObject AS Progress.Lang.Error:
IF DebuggingOn THEN
MESSAGE ErrorObject:GetMessage(1)
VIEW-AS ALERT-BOX.
RETURN ErrorObject:GetMessage(1).
END CATCH.
END METHOD.
============
HTH