Dynamic certificate validation when calling Web services

There are situations when you’ll want to call Web services from C/AL, and those Web services might be protected by certificate that your local machine cannot validate directly. Web service might be secured with a self-signed certificate, or by a certificate obtained from an authority that is not globally trusted.

In all those situations, you might need to have a facility to validate certificates yourself. That’s something that’s at the fingertips of all C# developers through the ServerCertificateValidationCallback delegate. However, in C/AL, delegates are unfortunately not (yet) supported.

A friend of mine had this specific problem today, so I remembered that a short while ago I made a “how do I” video on this specific topic. Thanks, Mathias, for giving me a prod, and reminding me of a quick blog topic.

Here’s the link: https://youtu.be/NW_ZiW6J790

Vjeko

Vjeko has been writing code for living since 1995, and he has shared his knowledge and experience in presentations, articles, blogs, and elsewhere since 2002. Hopelessly curious, passionate about technology, avid language learner no matter human or computer.

This Post Has 6 Comments

  1. Emilia Nguyen

    Thank you so much for this post. It saves my day!

  2. allmnt

    somehow would be better to see variables.

    at least for this one

    certificate := Certificate.X509Certificate(MemoryStream)

    1. Vjeko

      You can see the variable type right in the video where this line of code you put here is presented. The Certificate variable is declared as a parameter to the method.

  3. Matt Keyes

    A download link for your VS project would be helpful here

  4. Tim Whitley

    Vjeko, how can this approach be applied to FtpWebRequest?

    That class does not have a ServerCertificateValidationCallback property.

    1. Vjeko

      Sorry, this is .NET and C/AL, and I am not doing that stuff anymore so I can’t give you a solution. However, as a hint – you could wrap your FtpWebRequest into another class that you then talk to directly.

Leave a Reply