

Accept all SSL/TLS certificates in VBScript

Question

Tuesday, June 14, 2011 4:08 AM

Hi,

I am designing an MP for some server and have written a VBScript to discover its objects. I have to pass the server URL as an argument to the script. When I connect to this server via HTTP (port 80) and discover objects, everything works fine. But when I made the connection through HTTPS (port 443), no result is fetched. I guess this may be a certificate issue. I saw some code in C# to accept certificates but I want it in VBScript. Can anybody help me?

Regards, Ravi

All replies (5)

Friday, August 5, 2011 5:05 AM ✅ Answered

Hi All,

I got the answer. This just ignores all the certificates:

 

Const SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS = 13056

Dim oXMLHTTP
Set oXMLHTTP = CreateObject("Msxml2.ServerXMLHTTP.6.0")
Call oXMLHTTP.Open("POST", sUrl, False)
oXMLHTTP.setOption(2) = SXH_SERVER_CERT_IGNORE_ALL_SERVER_ERRORS
Call oXMLHTTP.SetRequestHeader("Content-Type", "text/xml")

This will definitely solve the problem.

 

Regards, Ravi
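
A narrower form of the same option, as an added example that is not part of the original thread: 13056 is the sum of four separate ignore flags, so a script can waive only the one check that actually fails (here, an untrusted issuer) and keep the name, date and usage checks. The helper name `PostXml`, the URL and the request body are hypothetical placeholders.

```vbscript
Option Explicit

' Option id and flag values of the MSXML ServerXMLHTTP setOption call.
Const SXH_OPTION_IGNORE_SERVER_SSL_CERT_ERROR_FLAGS = 2
Const SXH_SERVER_CERT_IGNORE_UNKNOWN_CA = 256
Const SXH_SERVER_CERT_IGNORE_WRONG_USAGE = 512
Const SXH_SERVER_CERT_IGNORE_CERT_CN_INVALID = 4096
Const SXH_SERVER_CERT_IGNORE_CERT_DATE_INVALID = 8192
' 256 + 512 + 4096 + 8192 = 13056, the "ignore all" value used above.

' Constructed usage: waive only the untrusted-issuer check.
Dim sResult
sResult = PostXml("https://server.example/discovery", "<request/>", _
                  SXH_SERVER_CERT_IGNORE_UNKNOWN_CA)
If IsNull(sResult) Then WScript.Quit 1
WScript.Echo sResult

' PostXml (hypothetical helper): POSTs sBody and returns the response text,
' or Null on failure. With nIgnoreFlags = 0 the option is left untouched, so
' the request fails on a certificate error as the HTTPS attempt in the
' question did.
Function PostXml(sUrl, sBody, nIgnoreFlags)
    Dim oHttp
    Set oHttp = CreateObject("Msxml2.ServerXMLHTTP.6.0")
    oHttp.open "POST", sUrl, False
    If nIgnoreFlags <> 0 Then
        oHttp.setOption SXH_OPTION_IGNORE_SERVER_SSL_CERT_ERROR_FLAGS, nIgnoreFlags
    End If
    oHttp.setRequestHeader "Content-Type", "text/xml"

    PostXml = Null
    On Error Resume Next
    oHttp.send sBody
    If Err.Number <> 0 Then
        ' Surface the failure instead of hiding it; certificate errors land here.
        WScript.Echo "Request failed: 0x" & Hex(Err.Number) & " " & Err.Description
        Err.Clear
        On Error GoTo 0
        Exit Function
    End If
    On Error GoTo 0

    If oHttp.status = 200 Then
        PostXml = oHttp.responseText
    Else
        WScript.Echo "HTTP status " & oHttp.status
    End If
End Function
```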


Tuesday, June 14, 2011 5:48 AM

Use certutil.exe -addstore

 

Regards,
Marc Klaver
http://jama00.wordpress.com/


Tuesday, June 14, 2011 11:41 AM

I have implemented the following code in the script:

Dim WshShell
Set WshShell = WScript.CreateObject("WScript.Shell")
WshShell.Run "%windir%\System32\certutil.exe -addstore"

but when I checked the event it generated the following errors:

microsoft.xmlhttp status: 12019

microsoft.xmlhttp send : the download of the specified resource has failed.

Regards, Ravi


Tuesday, June 14, 2011 3:39 PM

Err, no.  This isn't something to do in the script.  Please look up how to do server side certificates, then obtain a server SSL certificate for the agent managed server that is doing the remote queries.  CertUtil is used on the command line to install the certificate on the calling server and then the public key cert on the receiving server (yes, all of them).  SSL doesn't work from servers like it does from clients - the negotiation between servers is not permitted to be automatic.

 

But ... instead of remote discovery, why not just use your agents?  You probably can do this much better with agents on the servers you are trying to manage - no need to do SSL at that point and all comms will automatically be encrypted.

 

 

Microsoft Corporation


Wednesday, June 15, 2011 5:42 AM

My problem is that these servers are not agent managed and neither can I install an agent on them. I have to populate SCOM via XML parsing. Regards, Ravi