Microsoft KB Archive/224282

= How To Select Client Certificate in WinInet =

Article ID: 224282

Article Last Modified on 7/13/2004

-

APPLIES TO


 * Microsoft Internet Explorer 4.0 128-Bit Edition
 * Microsoft Internet Explorer 4.01 Service Pack 2
 * Microsoft Internet Explorer 4.01 Service Pack 1
 * Microsoft Internet Explorer 4.01 Service Pack 2
 * Microsoft Internet Explorer 5.0
 * Microsoft Internet Explorer 5.01
 * Microsoft Internet Explorer 5.5
 * Microsoft Internet Information Services 5.0

-



This article was previously published under Q224282



SUMMARY
This article explains how you can select a client certificate by using the WinInet APIs.



MORE INFORMATION
When you are accessing any Secure Socket Layer (SSL)-protected resource on a Web server that requires a valid client certificate, the WinInet HttpSendRequest API or Microsoft Foundation Classed (MFC) CInternetFile::SendRequest fails and the following error message appears:

ERROR_INTERNET_CLIENT_AUTH_CERT_NEEDED (12044)

To correctly handle this error, you can call InternetErrorDlg to bring up the client certificate dialog box (similar to the one in Internet Explorer) for the user to select the certificate. The code sample is shown as follows: ... while ( !HttpSendRequest( hReq, NULL, 0, NULL, 0 ) ) {   dwError = GetLastError; if ( dwError == ERROR_INTERNET_CLIENT_AUTH_CERT_NEEDED ) {      // Return ERROR_SUCCESS regardless of clicking on OK or Cancel if( InternetErrorDlg( GetDesktopWindow, hReq, ERROR_INTERNET_CLIENT_AUTH_CERT_NEEDED, FLAGS_ERROR_UI_FILTER_FOR_ERRORS      | FLAGS_ERROR_UI_FLAGS_GENERATE_DATA    | FLAGS_ERROR_UI_FLAGS_CHANGE_OPTIONS, NULL) != ERROR_SUCCESS ) {          return ; }   } } ... The same idea applies to MFC WinInet. In the case of MFC WinInet classes, the MFC methods corresponding to the WinInet APIs above are as follows:
 * CInternetFile::SendRequest
 * CInternetFile::ErrorDlg