+ Start a Discussion
sf_eliotsf_eliot 

Third Party Web Service Calls with PEM Certificate

I are trying to make web service calls from APEX code to a third-party web service.   The third-party has provided a certificate in the PEM format.  A test application, written outside of Salesforce, verfies that the web services are accessable with the provided certificate.  When re-coded to work inside the APEX, the HttpRequest is denied due to certificate issues.

 

I have discovered two mechanisms for aligning the certificate with the outgoing message.

 

1.  Salesforce provides "Certficate and Key Management."  Download an unsigned key from Salesforce, sign it, upload it.  Unfortunately, I cannot sign on behalf of the third party, and if I switch the certificates and upload the signed one, Salesforce is quick to identifiy that a switch has taken place and terminates the process.

 

2. Hard code the certificate into the request with the deprecated call "setClientCertificate".  This seems to have no effect.   I speculate that it will only work with a PKCS#12 certificate.  I have a PEM key.

 

I must be missing a step in the process, so any help would be appreciated.

 

 

sf_eliotsf_eliot

Still have the same problems, but I think I understand more of the issues.

Big question right now is:

 

The third party certificate is signed with a "verisign class 3 - g2, version 3" certificate.

The SF's accepted ca list includes "verisign class 3 - g2,. version 1."

Will the certificate be rejected if the version codes do not match?

 

Nick

 

Lee ShaLee Sha

Hi Nick,

 

Did you have a solution for your problem?  I am also trying to use setClientCertificate method but not sure what goes in as its parameters.

 

Lee Sha.