Hi Wagner,
Many thanks for your help. I think I'm almost there but the call to WinHttpSetOption is failing with error code 12018 - ERROR_WINHTTP_INCORRECT_HANDLE_TYPE. I guess it doesn't like the handle returned by the Session property. Here is the code :
TInternalHTTPClient = class(THttpClient)
end;
TInternalHTTPEngine = class(TWinHttpEngine)
end;
var
httpClient: THttpClient;
httpRequest: THttpRequest;
httpResponse: THttpResponse;
httpSession: HINTERNET;
Store: HCERTSTORE;
Cert: PCERT_CONTEXT;
begin
httpClient := THttpClient.Create;
// Open the 'Personal' SSL certificate store for the local machine and locate the required client-side certificate
Cert := nil;
Store := CertOpenStore(CERT_STORE_PROV_SYSTEM, 0, 0, CERT_SYSTEM_STORE_LOCAL_MACHINE, PChar('MY'));
if (Store <> nil) then
Cert := CertFindCertificateInStore(Store, X509_ASN_ENCODING, 0, CERT_FIND_SUBJECT_STR, PChar('mycertsubject'), nil);
// If a valid certificate was found then OK to create and send the HTTP request
if (Cert <> nil) then
begin
.....
// Get a handle to the HTTP client session
httpSession := TInternalHTTPEngine(TInternalHTTPClient(httpClient).Engine).Session;
// Set the client-side SSL certificate for the request
WinHttpCheck(WinHttpSetOption(httpSession, WINHTTP_OPTION_CLIENT_CERT_CONTEXT, Cert, SizeOf(Cert)));
.....
end;
I think the WinHttpSetOption function maybe expecting the handle from the HTTP request, rather than the session handle. That is the request created by this line in TWinHttpEngine.DoSend :
Req := WinHttpOpenRequest(Conn, PWideChar(Request.Method),
Could that be the case?
Thanks,
Jonathan