Discussion:
Getting server certificate and/or ssl validation status for current browser session
(too old to reply)
ksachdeva
2008-10-13 20:21:41 UTC
Permalink
Hi,

This is what I am trying to achieve in a nutshell:
- have a scriptable browser plugin (activex)
- when it is instantiated before it does his work I would like to
verify if the user is on an https site [not a problem, i could do
this]
- validate if the ssl handshake succeeded [the place where I am having
problems]

On this group and elsewhere I saw the reference to two APIs which
_may_ help me but not able to work with them.

First one is InternetQueryOption
I invoke it like this -
char szBuf[4096] = { 0 };
DWORD nsize = 4096;

BOOL success =
InternetQueryOption(NULL,INTERNET_OPTION_SECURITY_CERTIFICATE_STRUCT,szBuf,&nsize);
if (success) {
// certificate information is now in certInfo
}else{
DWORD errorCode = GetLastError();
}

but the result is always FALSE. When I use GetLastError() I get 0x2ef2
which means invalid internet handle. I passing NULL as HINTERNET
parameter. This implies I have to pass a handle but from where do I
get it for a given browser sessions ?

Second is : InternetGetCertByURL
This is an undocumented API of wininet as mentioned here
http://groups.google.com/group/microsoft.public.inetsdk.programming.webbrowser_ctl/browse_frm/thread/3cca033353a0d02b

but I always get FALSE and on top of that GetLastError() also return
zero which does not help

Would appreciate if some one could help.

Regards & thanks
Kapil
Paul Baker [MVP, Windows Desktop Experience]
2008-10-13 20:49:06 UTC
Permalink
You are passing NULL as the HINTERNET. You need the HINTERNET of the
request, I would think.

Paul
Post by ksachdeva
Hi,
- have a scriptable browser plugin (activex)
- when it is instantiated before it does his work I would like to
verify if the user is on an https site [not a problem, i could do
this]
- validate if the ssl handshake succeeded [the place where I am having
problems]
On this group and elsewhere I saw the reference to two APIs which
_may_ help me but not able to work with them.
First one is InternetQueryOption
I invoke it like this -
char szBuf[4096] = { 0 };
DWORD nsize = 4096;
BOOL success =
InternetQueryOption(NULL,INTERNET_OPTION_SECURITY_CERTIFICATE_STRUCT,szBuf,&nsize);
if (success) {
// certificate information is now in certInfo
}else{
DWORD errorCode = GetLastError();
}
but the result is always FALSE. When I use GetLastError() I get 0x2ef2
which means invalid internet handle. I passing NULL as HINTERNET
parameter. This implies I have to pass a handle but from where do I
get it for a given browser sessions ?
Second is : InternetGetCertByURL
This is an undocumented API of wininet as mentioned here
http://groups.google.com/group/microsoft.public.inetsdk.programming.webbrowser_ctl/browse_frm/thread/3cca033353a0d02b
but I always get FALSE and on top of that GetLastError() also return
zero which does not help
Would appreciate if some one could help.
Regards & thanks
Kapil
ksachdeva
2008-10-13 21:10:35 UTC
Permalink
Yes, from where do I get the HINTERNET of the request made by the
browser ?

Regards
Kapil

On Oct 13, 3:49 pm, "Paul Baker [MVP, Windows Desktop Experience]"
Post by Paul Baker [MVP, Windows Desktop Experience]
You are passing NULL as the HINTERNET. You need the HINTERNET of the
request, I would think.
Paul
Post by ksachdeva
Hi,
- have a scriptable browser plugin (activex)
- when it is instantiated before it does his work I would like to
verify if the user is on an https site [not a problem, i could do
this]
- validate if the ssl handshake succeeded [the place where I am having
problems]
On this group and elsewhere I saw the reference to two APIs which
_may_ help me but not able to work with them.
First one is InternetQueryOption
I invoke it like this -
char   szBuf[4096] = { 0 };
DWORD  nsize = 4096;
BOOL success =
InternetQueryOption(NULL,INTERNET_OPTION_SECURITY_CERTIFICATE_STRUCT,szBuf,&nsize);
if (success) {
// certificate information is now in certInfo
}else{
DWORD errorCode = GetLastError();
}
but the result is always FALSE. When I use GetLastError() I get 0x2ef2
which means invalid internet handle. I passing NULL as HINTERNET
parameter. This implies I have to pass a handle but from where do I
get it for a given browser sessions ?
Second is : InternetGetCertByURL
This is an undocumented API of wininet as mentioned here
http://groups.google.com/group/microsoft.public.inetsdk.programming.w...
but I always get FALSE and on top of that GetLastError() also return
zero which does not help
Would appreciate if some one could help.
Regards & thanks
Kapil
Paul Baker [MVP, Windows Desktop Experience]
2008-10-14 12:46:19 UTC
Permalink
This is a WinInet newsgroup. One of the Internet Explorer newsgroups would
be more appropriate for this question. My guess would be that you cannot.

Paul

"ksachdeva" <***@gmail.com> wrote in message news:d52ab5a9-a938-4fb5-86b9-***@a1g2000hsb.googlegroups.com...
Yes, from where do I get the HINTERNET of the request made by the
browser ?

Regards
Kapil

On Oct 13, 3:49 pm, "Paul Baker [MVP, Windows Desktop Experience]"
Post by Paul Baker [MVP, Windows Desktop Experience]
You are passing NULL as the HINTERNET. You need the HINTERNET of the
request, I would think.
Paul
Post by ksachdeva
Hi,
- have a scriptable browser plugin (activex)
- when it is instantiated before it does his work I would like to
verify if the user is on an https site [not a problem, i could do
this]
- validate if the ssl handshake succeeded [the place where I am having
problems]
On this group and elsewhere I saw the reference to two APIs which
_may_ help me but not able to work with them.
First one is InternetQueryOption
I invoke it like this -
char szBuf[4096] = { 0 };
DWORD nsize = 4096;
BOOL success =
InternetQueryOption(NULL,INTERNET_OPTION_SECURITY_CERTIFICATE_STRUCT,szBuf,&nsize);
if (success) {
// certificate information is now in certInfo
}else{
DWORD errorCode = GetLastError();
}
but the result is always FALSE. When I use GetLastError() I get 0x2ef2
which means invalid internet handle. I passing NULL as HINTERNET
parameter. This implies I have to pass a handle but from where do I
get it for a given browser sessions ?
Second is : InternetGetCertByURL
This is an undocumented API of wininet as mentioned here
http://groups.google.com/group/microsoft.public.inetsdk.programming.w...
but I always get FALSE and on top of that GetLastError() also return
zero which does not help
Would appreciate if some one could help.
Regards & thanks
Kapil
Loading...