locked
"The supplied certificate is invalid" ONLY in WinPE when accessing a web service RRS feed

  • Question

  • I'm having a very strange problem which was not happening one day, and then was happening the next. 

    I have a web service which is accessed via a vbscript during the rules processing stage of an MDT deployment (MDT 2012 Update1).  The script now returns the error "The supplied certificate is invalid"

    The important parts of the code are as follows:

    Dim oHTTP2, oXML
    Set oHTTP2 = CreateObject("MSXML2.ServerXMLHTTP")
    Set oXML = CreateObject("MSXML2.DOMDocument")
    oXML.setProperty "SelectionLanguage", "XPath"
    oHTTP2.open "POST", "https://<fqdn>:446/DesktopImagingSvc/DesktopImagingSvc.asmx/<Method>, False,"<domain/userID>","<password>"
    oHTTP2.setRequestHeader "Content-Type", "application/x-www-form-urlencoded"
    oHTTP2.SetOption 2, 13056   ' supposed to ignore certificate errors, but doesn't work
    oHTTP2.send sEnvelope    'send the envelope

    The send method produces the error even though the SetOption 2,13056 is supposed to ignore errors. 

    This script works fine in Windows, just not in WinPE.  I've tried the following:

    - rebuilding my PE media

    - using newer versions of WinPE (up to Win10)

    - Using MDT standard scripts (ZTIDataAccess.vbs)

    - Using different versions of the ServerXMLHTTP object (6.0)

    According to a coworker some of our certificates were replaced recently and since our code has never changed the problem must be on the server side.  I don't know what else to try.

    Any suggestions would be greatly appreciated.

    Woody

    • Moved by Bill_Stewart Saturday, December 17, 2016 4:14 PM Move to more appropriate forum
    Friday, December 16, 2016 8:28 PM

All replies

  • The web site certificate is not valid because it is expired or you may not have a CA root cert in the PE system.

    This is not an MDT forum.  You should post in teh MDT forum for assistance.


    \_(ツ)_/

    Friday, December 16, 2016 9:26 PM