4

I have a classic ASP application that does a pretty simple server-side GET.

I have used the same code for years and across hundreds of users without a problem. But, now just one user reports the following error:

msxml3.dll error '80072f06'
The host name in the certificate is invalid or does not match

I can't reproduce the error on any system I've tried (various combinations of operating systems and browsers).

And, I'm even more perplexed because this is pure server-side code - the server is requesting data from another ASP page (on the same server), so I'm not sure how the client browser could matter anyway.

The offending code is pretty simple:

  Set HTTP = Server.CreateObject("MSXML2.ServerXMLHTTP.3.0")
  URL="https://www.someserver.com/somepage.asp?id=12345"
  HTTP.Open "GET", URL, FALSE, username,password
  HTTP.SetRequestHeader "User-Agent",Request.ServerVariables("HTTP_USER_AGENT")
  HTTP.Send ""

Again, this works fine for hundreds of users - only one problem about which we've heard.

The user with the problem is running Win7 (64-bit) and IE9 if that matters (since I do set the agent to the user's actual agent). But, when I manually set the agent to the user's exact string, I still can't reproduce the problem.

Any thoughts or ideas? I'd be very appreciative!

donchanger
  • 61
  • 1
  • 5
  • 1
    Do all the hundreds of users access the same one website with your asp-code, or do they all have a local installation of IIS and run their own webserver with your code? Do they all access exactly the same www.someserver.com or different servers? – Jeff Jan 28 '13 at 21:55
  • Related to Jeff's questions: does the server you access for that user have a valid SSL certificate, and does your server recognise the validity of the CA (certifying authority) that signed the SSL certificate? – webaware Jan 29 '13 at 01:58
  • The server does have a valid SSL certificate, and the cert was sold and installed by the web host, so I would certainly think it is recognized as valid. All users run the same server-side ASP code - they visit an ASP page on our server, which in turn runs the code above to get other information. – donchanger Jan 30 '13 at 14:25

1 Answers1

4

You need to use the setOption Method and getOption Method,

This should help you out:

VBA ServerXMLHTTP https request with self signed certificate

Community
  • 1
  • 1
silver
  • 650
  • 4
  • 15
  • Thank you. I had seen that thread previously but am not sure how setOption and getOption could affect only one out of many users. I know that does not mean it won't work - stranger things have happened! - but I'm still curious. We will try to see if this helps but since we can't recreate the problem on any of our own machines, it is hart to test. Thanks. – donchanger Jan 30 '13 at 14:28
  • When you say 1 user, is that a user of the code (like a server admin) or a frontend user person access the code? If it is front end that is very strange. – silver Feb 04 '13 at 04:25
  • The 'user' means a 'frontend' person... that is, a person accessing our web server via their browser from some other location. And, if it matters, we now have a second report of the same problem, although we still can't reproduce it from numerous other machines we've tried. – donchanger Feb 11 '13 at 23:05
  • and they are all accessing the same code base on the same server? The url you are trying to access with MSXML2 is also the same for every user? – silver Feb 13 '13 at 07:07