Hi All, We got to the bottom of this and got it working after taking it off the discussion list.
Firstly, can I say thanks to Dirk for he responsiveness on this issue - the delay in getting back to update the discussion list lies purely with me. ----- There are a couple of elements to the solution. One: There was a small code change required which is downloadable in beta. No date on full release yet. Two: We had to figure out the exact parameter values to set so that ServersAlive could pick up the client certificate and use it in the post request. In the host file entry for this check I had to update: #ADPA="" to: #ADPA="#SSLCERTSTORE=My#SSLCERTSUBJECT=CERT-COMMON-NAME#" The point to note is that the 'Subject' field on the text version of the cert file used AND the 'Subject' field of the cert when viewed through IE's Certificates viewer show different values for the subject, none of which are just the Cert Common Name. The value that you should specify for 'SSLCERTSUBJECT' appears to be just the Cert CN(Common Name) value. Regards ... Gareth > ------------------------------------------- > From: Servers Alive Discussion List on behalf of Dirk > Bulinckx[SMTP:d...@woodstone.nu] > Sent: Wednesday, April 07, 2010 12:15:38 PM > To: Servers Alive Discussion List > Subject: RE: [SA-list] Checking a webservice(POST data) with a client > certificate. > Auto forwarded by a Rule > Based on the logging this seems like an "older" version of SA. Can you update to the latest beta build, it will probably still give a similar error BUT it will show the line number (were it now shows line 0) dirk -----Original Message----- From: Servers Alive Discussion List [mailto:sal...@woodstone.nu] On Behalf Of Application Server Admin Sent: Wednesday, April 07, 2010 12:56 PM To: Servers Alive Discussion List Subject: [SA-list] Checking a webservice(POST data) with a client certificate. Hi All, We are trying to check a webservice is up and responding by posting data to a test method. Our main issue is that it requires a client certificate for authentication. I have installed the client certificate on our machine running servers alive. - Windows Server 2003 R2 - Logged in a 'administrator' Our entry for the webservice check currently contains the following additional parameters to try pick up the client cert for the POST request(this is based on the servers alive documentation): #ADPA="#SSLCERTSTORE=MY#SSLCERTSUBJECT=O=TEST-XXXXTEST-ABCDEFG, OU=ABCDEFG, O=TESTOU, CN=TEST-XXXXTEST-ABCDEFG#" The log entry for this check is: -------- Thursday, March 25, 2010 3:27:13 PM TEST-CLIENT-CHECK Thursday, March 25, 2010 3:27:13 PM URLCheck : SSL client certificate : 0 Thursday, March 25, 2010 3:27:13 PM URL check (https://xxxxxxxx.xxxxxx.xxxx.ie/xxxx/v1) failed due to Object variable or With block variable not set(line 0) counter=55 .... Thursday, March 25, 2010 3:27:18 PM TEST-CLIENT-CHECK Thursday, March 25, 2010 3:27:18 PM URLCheck : SSL client certificate : 0 Thursday, March 25, 2010 3:27:18 PM URL check (https://xxxxxxxx.xxxxxx.xxxx.ie/xxxx/v1) failed due to Object variable -------- Has anyone else tried to use client certificates in their checks? How did you get on? Regards ... Gareth To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list. To unsubscribe send a message with UNSUBSCRIBE in the subject line to salive@woodstone.nu If you use auto-responders (like out-of-the-office messages), make sure that they are not sent to the list nor to individual members. Doing so will cause you to be automatically removed from the list.
