Tips & Tricks

Dynamic certificate validation when calling Web services

There are situations when you’ll want to call Web services from C/AL, and those Web services might be protected by certificate that your local machine cannot validate directly. Web service might be secured with a self-signed certificate, or by a certificate obtained from an authority that is not globally trusted.

In all those situations, you might need to have a facility to validate certificates yourself. That’s something that’s at the fingertips of all C# developers through the ServerCertificateValidationCallback delegate. However, in C/AL, delegates are unfortunately not (yet) supported.

A friend of mine had this specific problem today, so I remembered that a short while ago I made a “how do I” video on this specific topic. Thanks, Mathias, for giving me a prod, and reminding me of a quick blog topic.

Here’s the link:

6 thoughts on “Dynamic certificate validation when calling Web services”

  1. somehow would be better to see variables.

    at least for this one

    certificate := Certificate.X509Certificate(MemoryStream)

    1. You can see the variable type right in the video where this line of code you put here is presented. The Certificate variable is declared as a parameter to the method.

  2. Vjeko, how can this approach be applied to FtpWebRequest?

    That class does not have a ServerCertificateValidationCallback property.

    1. Sorry, this is .NET and C/AL, and I am not doing that stuff anymore so I can’t give you a solution. However, as a hint – you could wrap your FtpWebRequest into another class that you then talk to directly.

Leave a Reply