How to send .Key certificate with Web Service using AL

STLamb · July 1, 2022, 4:08am

A large US bank requires a Pem certificate and a Key certificate to be sent when calling their web service. Basically this is what the cURL looks like if it helps:

I am able to successfully call the WS using Postman and as you can see Postman caters for a Key and a Cert (here I use the Pem certificate) certificate.

In AL I am using the following code to to add the certificates in the hope that I can add the two certificates, however when I get to loading the Key Certificate, it throws out a message “Cannot find the requested object” when hitting the code lClient.AddCertificate(lKeyCert,‘’)

It appears either AL does not recognize a .Key file as a certificate or there is no function to cater for Key certificates.

I am trying to avoid using DotNet as this customer will be transitioning to the cloud.

Has anyone come across this issue before and got around it?

AL Language v9.3.646020

BC On Prem Version: NA Business Central 17.2 (Platform 17.0.19353.19730 + Application 17.2.19367.19735)

STLamb · July 19, 2022, 4:42pm

For the unfortunate soul who comes across this issue, this was resolved by combining the PEM certificate and the KEY certificate into one PFX certificate.

By downloading and installing openSSL and then using command prompt to convert the certs using the following command line:

openssl pkcs12 -export -out “Path to Certs\Cert.pfx” -inkey “Path to Certs\Cert.key” -in “Path to Certs\Cert.pem”

The PFX cert can then be stored in a blob field in a table and then sent with the Web Service request as follows:

    lClient.Clear();
    lSetup.CalcFields("Certificate Store");
    lSetup."Certificate Store".CreateInStream(lInstreamCert);
    lPemCert := lBase64.ToBase64(lInstreamCert);
    lClient.AddCertificate(lPemCert, '');