Android Question Sending JSON data to an api server with a pfx certificate.

nesam

Member
Licensed User
Longtime User
I try for 2 weeks without success.
The requirement is that: POST method, Header acceptance: application / json, Content-Type: application / json. Authentication: Use the client's digital certificate for authentication with each request to Api. Client digital certificate: .pfk file and two .cer files (RCA and CA 1).
I made an example in vb.net and it works.

Is that possible with b4a?


ASP.net:
Imports System.IO
Imports System.Net
Imports System.Net.Http
Imports System.Security.Cryptography.X509Certificates
Imports System.Text

Public Class Form1

    Private Sub Button1_Click(sender As Object, e As EventArgs) Handles Button1.Click

        Dim invoiceRequest As String = My.Computer.FileSystem.ReadAllText("C:\Users\Public\test.txt") 'JSON structure
        
        Dim httpContent = New StringContent(invoiceRequest, Encoding.UTF8, "application/json")
        Dim client As New HttpClient
        Dim handler As New WebRequestHandler

        GetClientAndHandler(handler, client)

        Dim response = client.PostAsync("/api/Sign/Service", httpContent).Result

        If response.StatusCode = HttpStatusCode.OK Then
            Dim jsonString = response.Content.ReadAsStringAsync()
            jsonString.Wait()
            Dim invoiceResponse = jsonString.Result
            TextBox2.Text = invoiceResponse
        Else
            TextBox2.Text = "HTTP status not OK, status: " + response.StatusCode.ToString
        End If
    End Sub

    Private Shared Sub GetClientAndHandler(ByRef handler As WebRequestHandler, ByRef client As HttpClient)
        handler = CreateWebRequestHandler()
        client = New HttpClient(handler)
        client.BaseAddress = New Uri("https://xxxx.xxxx.xx.xxx.xx.xx/")
        client.DefaultRequestHeaders.Accept.Clear()
    End Sub

    Private Shared Function CreateWebRequestHandler() As WebRequestHandler
        Dim handler = New WebRequestHandler()
        Dim cert = GetClientCertificate()
        handler.ClientCertificateOptions = ClientCertificateOption.Manual
        handler.ClientCertificates.Add(cert)
         Return handler
    End Function

    Private Shared Function GetClientCertificate() As X509Certificate2
        Dim certName As String = "xxname certxx"
        Dim store = New X509Store(StoreName.My, StoreLocation.CurrentUser)
        store.Open(OpenFlags.OpenExistingOnly Or OpenFlags.[ReadOnly])
        Return store.Certificates.Find(X509FindType.FindBySubjectName, certName, True)(0)
    End Function
 

aeric

Expert
Licensed User
Longtime User
Is that possible with b4a?
Yes
 
Upvote 0

nesam

Member
Licensed User
Longtime User
Thanks a lot, but that's okay, my problem is sending certificates.
The server is allowed access only through a certificate. The certificate is installed on the device. Finding from the store and sending to the server is my problem.
 
Upvote 0

drgottjr

Well-Known Member
Licensed User
Longtime User
i believe you can solve your problem with b4a, but not in b4a.
here's what i've found (and been able to do): the code snippets here:
https://stackoverflow.com/questions/53637121/use-a-certificate-in-an-okhttp-request-with-android
claim to be a working example of posting json with a certificate.

i've resolved the dependencies, combined the snippets and modified them
slightly. (one snippet deals with posting, the other with the keystore.)

the thing builds successfully as a b4a project with inline java and wrapped with
a java object. whether it actually runs successfully i can't say, as i have no way
of testing (no certificate and no server looking for one). plus, i don't know how
much of any further modifications you're up for. the b4a part is trivial; it's working
with java that may prove the stumbling block. (note: the example assumes running
on the main thread. this can easily be resolved in one of two ways, should you
actually get that far.)

by the way, you can apparently also solve your problem with a webview (it supports
certificates just as if you were using one in a full-blown browser.)
 
Upvote 0

drgottjr

Well-Known Member
Licensed User
Longtime User
Upvote 0
Top