Re: how to bypass a known-bad SSL certificate
From: Joe Fawcett (joefawcett_at_hotmail.com)
Date: 11/30/04
- Next message: William: "is it posible config outlook express by script"
- Next in thread: Rob Shaw-Fuller: "Re: how to bypass a known-bad SSL certificate"
- Reply: Rob Shaw-Fuller: "Re: how to bypass a known-bad SSL certificate"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 30 Nov 2004 09:11:23 -0000
"Bill James" <wgjames@mvps.org> wrote in message
news:e83fNLn1EHA.1652@TK2MSFTNGP11.phx.gbl...
Is this script just for running on one machine that you control? If so, you
might be able to just disable certificate checking in IE Advanced Options.
However, you need to be aware of the risk if you are using the same computer
for surfing. If you can run down a Registry setting for the certificate
checking, you might even be able to toggle it off and on when you run the
script.
--
Bill James
Microsoft MVP - Shell/User
Windows VBScript Utilities » www.billsway.com/vbspage/
Windows Tweaks & Tips » www.billsway.com/notes_public/
"Rob Shaw-Fuller" <robshawfuller@hotmail.com> wrote in message
news:OYA2yVj1EHA.1524@TK2MSFTNGP09.phx.gbl...
> I'm writing a VBScript to download some content from a number of internal
> webservers. I'm downloading both secure (https) and non-secure (http)
> content. One of these webservers (a test machine) has a number of
problems
> with its SSL certificate, not the least of which is that the certificate
has
> expired. Every time my script tries to download from the webserver with
the
> bad SSL certificate, Windows helpfully gives me a warning dialog that I
must
> click through before the script can continue. Is there any way to avoid
> this warning for a specific certificate and/or webserver? I'm aware that
> the certificate has issues, but it won't be replaced and/or renewed any
time
> soon (largely because it's on a test machine), so how can I work around
it?
>
> I have already tried:
> * adding the site to Internet Explorer's "Trusted Sites" (didn't help)
> * changing the system date to a period before the certificate expired when
> accessing the problem webserver, then changing it back afterward (still
saw
> the warning dialog, because of another problem with the certificate)
>
> I am using WSH 5.6 on WinXP SP2, with MSXML 4.0 SP2.
>
> Code follows:
> Sub CheckLink(strURL, strOutput)
> Dim objHTTP, objStream, tStart, tElapsed
> Set objHTTP = WScript.CreateObject("MSXML2.XMLhttp.4.0")
> objHTTP.Open "HEAD", strURL, False
> objHTTP.Send
> WScript.Echo "Headers from " & strURL
> WScript.Echo objHTTP.getAllResponseHeaders
> WScript.Echo
> objHTTP.Open "GET", strURL, False
> objHTTP.Send
> tStart = timer()
> Set objStream = CreateObject("ADODB.Stream")
> objStream.Type = adTypeBinary
> objStream.Open
> objStream.Write objHTTP.ResponseBody
> objStream.SaveToFile strOutput, adSaveCreateOverWrite
> Set objHTTP = Nothing
> Set objStream = Nothing
> tElapsed = timer() - tStart
> WScript.Echo "Saved: " & strURL & vbCRLF & "To: " & strOutput & vbCRLF
&
> "Time: " & tElapsed & " seconds..." & vbCRLF
> End Sub
>
> Any assistance would be greatly appreciated!
>
>
> Rob Shaw-Fuller
> robshawfuller@hotmail.com
>
>
Alternatively you might use the ServerXmlHttp request, using the setOption
method you can ignore certificate errors.
--
Joe (MVP - XML)
- Next message: William: "is it posible config outlook express by script"
- Next in thread: Rob Shaw-Fuller: "Re: how to bypass a known-bad SSL certificate"
- Reply: Rob Shaw-Fuller: "Re: how to bypass a known-bad SSL certificate"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
