KMarb
Members-
Content Count
77 -
Joined
-
Last visited
-
Days Won
1
KMarb last won the day on August 13 2022
KMarb had the most liked content!
Community Reputation
5 NeutralRecent Profile Visitors
The recent visitors block is disabled and is not being shown to other users.
-
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
My real problem is that I'm uneducated about the world of OAuth2, REST and so forth. And I'm not in a position to learn from the beginning. I need a solution that works as soon as I can get it, and as I use the tool I expect I will learn these technologies in bits and pieces. Since I have everything working in Postman I know I have the pieces (cert file, key file, client id, client secret) needed to get an access token. The problem is I don't know how to plug those pieces into ICS to make things work. I appreciate very much your suggestions and help. I am making progress using a different set of components and will follow that path for now, as I need something working now. Again, thank you for all your feedback. -
Need help/components for OAuth2 SSL client certificate REST
KMarb replied to KMarb's topic in Network, Cloud and Web
Your were right. My Package output directory was blank. I entered $(BDSCOMMONDIR)\Bpl as you suggested and then the components installed without problem. Thank you. Also with your help by email I have been able to request and receive an access token. The second thing I need to do is call the REST API with the token to send/receive data. Thank you for the help! -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
I followed your steps and now have 2 new bundles. Thank you. I am trying the example again with the PKCS12 file and my message when I click "Start Rest Request" is this: --------------------------- ICS HTTPS REST and OAuth Demo --------------------------- Error reading X509 DER certificate - <filename>.pem. I created this file using the steps you sent. When I created the PEM Cert it gave a message that the private key was None, but the pkcs file seemed okay. Is there anyone you know who would consult with me on a paid basis to get the Postman example that I have working converted over to ICS? -
Need help/components for OAuth2 SSL client certificate REST
KMarb replied to KMarb's topic in Network, Cloud and Web
I was installing manually following those steps. Both run-time and design-time packages compile, but when I try to install design-time I get that error, Can't load package E:\Programming\sgcWebSockets_D10_1\Packages\dclsgcWebSocketsD10_1.bpl. The specified module could not be found. I had a similar problem when trying to test ICS and had to add a couple of DLLs to my path. Any other ideas? -
Need help/components for OAuth2 SSL client certificate REST
KMarb replied to KMarb's topic in Network, Cloud and Web
Trying to install design package trial in D 10.1 and receive this error: exception message : Can't load package E:\Programming\sgcWebSockets_D10_1\Packages\dclsgcWebSocketsD10_1.bpl. The specified module could not be found. What dll's or files might be missing from my path? -
Need help/components for OAuth2 SSL client certificate REST
KMarb posted a topic in Network, Cloud and Web
I have a requirement for my Delphi program to use a corporate web service. I've done a little of this, but not using OAuth2 or client certificates. I'm stumped and looking for some recommendations. I have used Postman and can successfully make the calls I need. The HTTP REST calls are 2-part, one to retrieve a bearer/access token, and then another call (GET or PUSH) to retrieve/send the data I need. I am hoping to get feedback from someone who can tell me 1) what Delphi components to use (happy to purchase something), and 2) how to take my working Postman experience and translate it to the recommended components. The things I have: client id, client secret, client certificate and several versions of pem, crt, cer, p7b files. The things I don't have: a good understanding of the underlying technologies. I will learn what I need to, but I do not want to spend a lot of time learning about this world right now. Does TMS has a product that can do this? What about n/ software (I think that's the name). I've been trying ICS for over a week but it is not working and I don't know how to dig into the data to see why it does not work. Thanks in advance. -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
I have a pkcs7 file with file extension .crt. I am new to all this, so forgive me for asking simple questions, but is there a way to use that file with ICS? I have other flavors of files too, but I'm not sure how to give ICS what it needs... to mimic what I did with Postman which does work, so the problem is with me not knowing the domain of info (ssl authentication mechanism) as well as not knowing how to mimic postman settings in ICS. -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
I've tried multiple variations but the PemTool does not "see" the private key, makes no mention of it. I've tried: -----BEGIN CERTIFICATE----- (cert1) -----BEGIN PRIVATE KEY----- -----BEGIN CERTIFICATE----- (cert2) and -----BEGIN CERTIFICATE----- (cert1) -----BEGIN CERTIFICATE----- (cert2) -----BEGIN PRIVATE KEY----- There is no mention of the private key in the PemTool demo. Do you have any suggestions? -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
The PemTool does not show a private key. Here is the format of my Pem file, does this look correct? -----BEGIN PRIVATE KEY----- MII... -----END PRIVATE KEY----- -----BEGIN CERTIFICATE----- MII... -----END CERTIFICATE----- -----BEGIN CERTIFICATE----- MII... -----END CERTIFICATE----- -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
Mr. Angus, I used the sample pem tool bundle file viewer. You said I could find out if I have a matching key. How do I determine that. I don't know what info is sensitive and should remain private, so I've removed anything that might be so. Here is part of the results when I view the pem file: GENERAL Serial Number: <sn> Issued on (UTC): 2/4/2023 Expires on (UTC): 2/3/2025 11:59:59 PM Basic Constraints: CA=FALSE Key Usage: Digital Signature Extended Key Usage: TLS Web Client Authentication, Microsoft Smartcard Login Authority Info, OCSP: <url> Authority Info, Issuer Cert: <url>.crt Certificate Policies: Policy: 1.3.6.1.4.1.500.12.1, CPS: <url> CRL Distribution Points: Full Name:, URI:<url> Authority Key Identifier: AE:... Subject Key Identifier: 9C:... Signature Algorithm: sha256WithRSAEncryption Fingerprint (sha1): d7... Fingerprint (sha56): e0... Key Info: RSA Key Encryption 2048 bits, 112 security bits How do I determine if I have a matching key? -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
Thank you. I will try Charlesproxy. the problem for me is that I don't know this world, I will need to learn charlesproxy and wireshark. So visiting more forums, more faqs, etc... Was hoping there was a shorter route from Postman to ICS. -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
Why does the ICS Authentication Login form show sometimes? I cannot see the pattern of conditions that causes that dialog to show or not. Everything I try now returns the error, "proper client ssl certificate was not presented" I took my .key file and my .pem file (with 2 certs) and concatenated, in that order, to create a single pem file that I thought would be what ICS expects. My situation is, this is a one off for me, the need to integrate with a corporate API. I don't live in the world of SSL certificates and REST. I say this because, if I could hire someone for an hour to review my specific situation and help me get over the hump (which is to make a successful request to get the bearer token, using ICS), I can handle the rest of it. Since I have Postman working, it should be straightforward to translate to ICS. My problem - I don't know where to hit the machine or how hard to hit it. You are volunteering your time, and I am very appreciative of that. Not knocking this approach at all. But, since I'm so uninformed, and don't have the time to become fully informed about this world right now, do you know if there is someone I can hire to look at my Postman config and translate what I need to ICS? -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
I continue to get same error: { "error": "invalid_request", "error_description": "proper client ssl certificate was not presented" } I'm guessing my pem file is lacking. In Postman I have this: Given the error, proper client ssl cert was not presented, I think I need to combine the postman .pem and .key files into a single .pem for ICS. All this is new to me, just learning what I need to get a job done. I will read up on how to create the pem needed for ICS and see if that gets things working. I will post back later with status and maybe more questions. Thank you very much! I'm wondering if my pem file is incorrect. You had suggested that I could create a pem file from my CRT and -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
Getting a different error now (changed REST Content)... not sure if this is progress or not. Please review and advise and thank you (a lot, really): Here is the response - it is no longer complaining about the grant_type param, so maybe this is moving the right direction?: Found Cached OCSP Status OCSP Status Response: successful <URL> Certificate OCSP Status Valid, Not Revoked Request completed: 401 Unauthorized Request done, StatusCode 401 { "error": "invalid_request", "error_description": "proper client ssl certificate was not presented" } -
New to x509 - how to mimic Postman config using ICS
KMarb replied to KMarb's topic in ICS - Internet Component Suite
I've tried many variations for the parameters but continue to get the error. I also tried listing the full parameters in the raw parameters field but that also did not work. Connected OK to: <URL> Request completed: 500 Internal Server Error Request done, StatusCode 500 { "error":"invalid_request", "error_description":"Missing or invalid grant_type" } Json main content type: stObject If tried with all 3 params as RPTypeObj. Same error. What options affect this? Do I need to consider any pages other than the first two? If it helps, here is the code generated for HTTP from Postman: POST /auth/oauth/v2/token HTTP/1.1 Host: <URL> Content-Type: application/x-www-form-urlencoded Content-Length: 127 grant_type=client_credentials&client_id=<clientID>&client_secret=<clientSecret>