Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

API call with .PEM and .KEY file

VarunVeetil
Level 2

‎11-06-21 02:07 PM

Hi All,

I was wondering if anyone could provide some guidance on this scenario

The API gateway that I need to hit requires .PEM .KEY authentication. I am trying to incorporate that into blueprism and was wondering if there is any additional setup we can do on the web API services to incorporate the .PEM and .KEY ?

PEM, KEY and the query is correct as I am able to make a successful call via postman.

We also tried using the Certificate thumbprint using the "C:\Program Files\Blue Prism Limited\Blue Prism Automate\automate.exe" /resourcepc /public /port 8181 /sslcert command but getting the below error
Listener failed : Unable to find the requested SSL certificate - ensure that it is installed in the local certificate store and is valid.

TIA

------------------------------
Varun Veetil
------------------------------
0 Likes
14 REPLIES 14

ewilson
Staff
Staff

‎11-06-21 07:48 PM

@Varun Veetil,

The Web API service feature of Blue Prism does not support client certificate authentication. The only options are HTTP Basic, Bearer Token, and OAuth2 Client and JWT. If you need to provide certificate details you'll need to switch to using the HTTP VBO or direct code stages.

Cheers,


------------------------------
Eric Wilson
Director, Partner Integrations for Digital Exchange
Blue Prism
------------------------------
0 Likes

VarunVeetil
Level 2
In response to ewilson

‎01-07-21 03:24 AM

Hi Eric,

Thanks for your response.

Would you know how can I pass the .Key and .Pem through the HTTP VBO and in which format does the headers be specified in the collection?

Thank you
Varun

------------------------------
Varun Veetil
------------------------------
0 Likes

ewilson
Staff
Staff
In response to VarunVeetil

‎01-07-21 04:02 PM

@Varun Veetil,

There is an action on the HTTP VBO called Load Certificate that can be used for loading an X.509 certificate into memory for the VBO to use. It will return an ID if the certificate is successfully loaded. You then pass that ID into your call to the HTTP Request or HTTP Request File actions.

Cheers,


------------------------------
Eric Wilson
Director, Partner Integrations for Digital Exchange
Blue Prism
------------------------------
0 Likes

VarunVeetil
Level 2
In response to ewilson

‎02-07-21 06:51 AM

Thanks Eric.
Could you also give me the format in which the header collection needs to be in?

I have 5 headers that I need to pass which I tired by creating 2 columns "Key" & "Value", but doesn't seem to work.

Currently, I am getting a 403 without the headers and would like to believe its just to do with the headers and the cert is good.

Thank you
Varun

------------------------------
Varun Veetil
------------------------------
0 Likes

ewilson
Staff
Staff
In response to VarunVeetil

‎02-07-21 03:39 PM

There is no required name for the columns. If you look at the Code stage within the HTTP VBO for the HTTP Request you'll see the logic that deals with the Headers Collection. The code pulls the column name, whatever it is, from the Column definition within the DataTable. It then uses that value to access the actual data in the rows.

31480.png
Cheers,

------------------------------
Eric Wilson
Director, Partner Integrations for Digital Exchange
Blue Prism
------------------------------
0 Likes

ewilson
Staff
Staff
In response to ewilson

‎02-07-21 03:40 PM

You can verify that your headers are being set by using a tool like Fiddler to capture the actual network request.

Cheers,

------------------------------
Eric Wilson
Director, Partner Integrations for Digital Exchange
Blue Prism
------------------------------
0 Likes

Dominika.Zolotarew
Level 4
In response to ewilson

‎21-07-23 02:50 PM

Hello Eric,
Provider of the service expects call that in cURL looks like this: 


curl -k -X GET  "https://urlfake.json"  --key "C:\Desktop\decrypted_private_key.pem" --cert "C:\Desktop\public_cert.pem"

So I need to provide public certificate and the private rsa key separately in PEM format.

"Load Certificate" action from the VBO only gives me possibility to load one of these files and then I can provide only one Certificate ID in the next callas.
Any solution for that? 



------------------------------
Dominika Zolotarew
------------------------------
0 Likes

ewilson
Staff
Staff
In response to Dominika.Zolotarew

‎24-07-23 02:32 PM

Hello @Dominika.Zolotarew,

As far as I know, Microsoft has only added direct support for PEM certificates in .NET Core. Blue Prism uses the .NET Framework though, and in the .NET Framework class used by the Utility - HTTP VBO, only PKCS12 certificates are supported. So you would need to convert you PEM certificate to the PKCS12 format.

If you're able to interact with the service via cUrl, you could use the Utility - Environment VBO to execute your cUrl command from a command prompt and then receive the response output.

Cheers, 



------------------------------
Eric Wilson
Director, Integrations and Enablement
Blue Prism Digital Exchange
------------------------------
0 Likes

Dominika.Zolotarew
Level 4
In response to ewilson

‎25-07-23 01:39 PM

Hello Eric,
Thank you for your response.

Yes, I have tried to utilize cmd, however, I cannot go past this error "curl: (58) schannel: Failed to import cert file C:\Desktop\public_cert.pem, last error is 0x80092002". It seems it can be resolved by downgrading the cURL, but it might not be possible in our workspace



------------------------------
Dominika Zolotarew
------------------------------
0 Likes