I have a bit of a love/hate relationship with VBS, perhaps because not all of our boxes have PowerShell installed and I'm forced to use VBS a lot of the time for testing web services and an other assorted things.
We have been testing a website that uses client certificate mapping in IIS, see step 8 on this post, with the added twist that we have no other way of authentication, it's client certificates or bust. We are sort of forced to POST a soap request, as the main method that we are testing, has way too many parameters for a GET request.
In my example script, see below, I'm using a client certificate installed in the user's store, this is more common than a client certificate installed in the Local Computer's store. If this is the case change line 17 to "LOCAL_MACHINE\Personal\1234" or whatever your certificates's name is.
1 Dim objwinhttp, strURL, strStatus, soap
2
3 soap = "<soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/' xmlns:xsd='http://www.w3.org/2001/XMLSchema' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xmlns:SOAP-ENC='http://schemas.xmlsoap.org/soap/encoding/' xmlns:SOAP-ENV='http://schemas.xmlsoap.org/soap/envelope/'>"
4 soap = soap + "<soap:Body>"
5 soap = soap + "<MyMethod xmlns='http://server.dev.com/MyMethod'><Centre>string</Centre>....manymoreparemetershere</MyMethod>
6 soap = soap + "</soap:Body></soap:Envelope>"
7
8 strURL = "https://server.dev.com:5555/service.asmx"
9
10 set objwinhttp = CreateObject("WinHttp.WinHttpRequest.5.1")
11
12 objwinhttp.Open "POST", strURL
13 objwinhttp.setRequestHeader "Content-type","text/xml; charset=utf-8"
14 objwinhttp.setRequestHeader "SOAPAction","http://dom.dev.com/MyMethod"
15 objwinhttp.setRequestHeader "Content-Length",Len(soap)
16
17 objwinhttp.SetClientCertificate "CURRENT_USER\MY\1234"
18
19 objwinhttp.Send(soap)
20
21 wscript.Echo("Response Code: " & objwinhttp.Status & " Response: " & objwinhttp.ResponseText)
No comments:
Post a Comment