Rosetta Code

HTTPS/Client-authenticated

< HTTPS
Revision as of 08:00, 11 June 2016 by rosettacode>Craigd (→‎{{header|Tcl}}: added zkl)

Demonstrate how to connect to a web server over HTTPS where that server requires that the client present a certificate to prove who (s)he is. Unlike with the HTTPS request with authentication task, it is not acceptable to perform the authentication by a username/password or a set cookie.

Task
HTTPS/Client-authenticated
You are encouraged to solve this task according to the task description, using any language you may know.

This task is in general useful for use with webservice clients as it offers a high level of assurance that the client is an acceptable counterparty for the server. For example, Amazon Web Services uses this style of authentication.

C#

Works with: C sharp version 3.0

<lang csharp> using System; using System.Net;

class Program { 

   class MyWebClient : WebClient
   {
       protected override WebRequest GetWebRequest(Uri address)
       {
           HttpWebRequest request = (HttpWebRequest)base.GetWebRequest(address);
           request.ClientCertificates.Add(new X509Certificate());
           return request;
       }
   }
   static void Main(string[] args)
   {
       var client = new MyWebClient();

       var data = client.DownloadString("https://example.com");

       Console.WriteLine(data);
   }

} </lang>

Lasso

<lang Lasso>local(sslcert = file('myCert.pem')) local(x = curl('https://sourceforge.net'))

  1. x->set(CURLOPT_SSLCERT, #sslcert->readstring)
  2. sslcert->close
  3. x->result->asString</lang>

Mathematica / Wolfram Language

<lang Mathematica>a = RunThrough["curl -E myCert.pem https://www.example.com", 1] For[ i=0, i < Length[a] , i++, SomeFunction[a]]</lang>

PicoLisp

<lang PicoLisp>(in '(curl "-E" "myCert.pem" "https://www.example.com") 

  (while (line)
     (doSomeProcessingWithLine @) ) )</lang>

Python

<lang python>import httplib

connection = httplib.HTTPSConnection('www.example.com',cert_file='myCert.PEM') connection.request('GET','/index.html') response = connection.getresponse() data = response.read() </lang>

Racket

Skeleton code to connect to a server: <lang racket>

  1. lang racket

(require openssl/mzssl) (define ctx (ssl-make-client-context)) (ssl-set-verify! ctx #t) ; verify the connection (ssl-load-verify-root-certificates! ctx "my-cert.pem") (define-values [I O] (ssl-connect "www.example.com" 443 ctx)) </lang>

Tcl

Uses the Tls package. <lang tcl>package require http package require tls

set cert myCert.p12 http::register https 443 [list \ 

   ::tls::socket -certfile $cert -password getPass]

proc getPass {} { 

   return "myPassword";  # Just a noddy example...

}

  1. Make a secure authenticated connection

set token [http::geturl https://verysecure.example.com/]

  1. Now as for conventional use of the “http” package

set data [http::data $token] http::cleanup $token</lang>

zkl

Uses libCurl. <lang zkl>var CURL=Import("zklCurl"), c=CURL(); c.setOpt("SSLCERT","certFile.pem"); c.setOpt("SSLCERTTYPE","pem"); c.get("http://zenkinetic.com"); // lame example to show how to read</lang>

Retrieved from "https://rosettacode.org/wiki/HTTPS/Client-authenticated?oldid=112897"