I'm trying to use WinInet to make a post query over SSL with a client
certificate that has a private key to rertrieve data. In other words, I
need two-way authentication.
My code works for none SSL connections.
To use SSL, I have added INTERNET_FLAG_SECURE to the HttpOpenRequest
call and added code to retrieve the client certificate and add it to the
request with this code:
int res = InternetSetOption
(
_hRequest,
INTERNET_OPTION_CLIENT_CERT_CONTEXT,
(void *) pContext,
sizeof(CERT_CONTEXT)
);
CertFreeCertificateContext(pContext);
CertCloseStore(hStore, 0);
// Yes, res is checked and is good
When I attempt the query, HttpSendRequest fails with error code 12157
and the system event log contains this message:
The SSL client credential's certificate does not have a private key
information property attached to it. This most often occurs when a
certificate is backed up incorrectly and then later restored. This
message can also indicate a certificate enrollment failure.
Do I need to do something separate from adding the certificate to add
the private key? What else might be happening here?
Any suggestions greatfully appreciated.
Thanks,
++PLS
