I would like to know how to integrate an A3 digital certificate with the TIdSSLIOHandlerSocketOpenSSL component. I can already search the certificate store and choose which digital certificate to use, but I am having difficulty associating the chosen certificate with the TIdSSLIOHandlerSocketOpenSSL component. I need to access the GNRE web service at https://www.testegnre.pe.gov.br/gnreWS/services/GnreLoteReception, which requires the connection to be made using a certificate.
Function that gets the certificate settings
This function uses the CAPICOM component from Microsoft.
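{ Lets the user pick a certificate from the current user's "My" store, checks
  its validity dates and performs a throw-away signature with it.

  Returns True only when a certificate was selected, is inside its validity
  window and the test signature succeeded; otherwise False.

  Security notes:
  - The selected certificate is not stored or returned. The caller only learns
    that a usable certificate exists, so this function alone cannot attach the
    certificate to any TLS connection.
  - Only ValidFromDate/ValidToDate are checked. Chain trust and revocation are
    not checked here.
    NOTE(review): consider CAPICOM's certificate status check
    (ICertificate.IsValid) - confirm it fits this deployment.
  - NOTE(review): CAPICOM may raise an exception when the selection dialog or
    the PIN prompt is cancelled; that propagates to the caller unchanged. }
function TForm1.GetCertificado: Boolean;
var
  Store: IStore3;
  CertsLista, CertsSelecionado: ICertificates2;
  CertDados: ICertificate;
  lSigner: TSigner;
  lSignedData: TSignedData;
begin
  Result := False;

  Store := CoStore.Create;
  Store.Open(CAPICOM_CURRENT_USER_STORE, 'My', CAPICOM_STORE_OPEN_MAXIMUM_ALLOWED);
  CertsLista := Store.Certificates as ICertificates2;
  CertsSelecionado := CertsLista.Select('Certificado(s) Digital(is) disponível(is)',
    'Selecione o Certificado Digital para uso no aplicativo', False);

  if CertsSelecionado.Count = 0 then
    Exit;

  { CAPICOM collections are 1-based; single selection, so take the first item. }
  CertDados := IInterface(CertsSelecionado.Item[1]) as ICertificate2;

  { Reject certificates outside their validity window before touching the
    private key, so no signer objects are created for an unusable certificate. }
  if CertDados.ValidFromDate > Now then
  begin
    showmessage('Certificado não liberado. aguardar ' + datetostr(CertDados.ValidFromDate));
    Exit;
  end;
  if CertDados.ValidToDate < Now then
  begin
    showmessage('Certificado expirado');
    Exit;
  end;

  lSigner := nil;
  lSignedData := nil;
  try
    { Set up the signing object with the chosen certificate and the content
      to sign. }
    lSigner := TSigner.Create(Self);
    lSigner.Certificate := CertDados;
    lSignedData := TSignedData.Create(Self);
    lSignedData.Content := ' ';

    { Signing dummy content makes the token/CSP ask for the password (PIN). }
    lSignedData.Sign(lSigner.DefaultInterface, False, CAPICOM_ENCODE_BASE64);
    Result := True;
  finally
    { The original freed these only on the success path, so every early exit
      or signing failure left them attached to the form. }
    lSignedData.Free;
    lSigner.Free;
  end;
end;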
WebService Access
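{ Posts the given SOAP XML to the GNRE web service over HTTPS and returns the
  response body. Returns an empty string when GetCertificado reports that no
  usable certificate is available.

  Security notes:
  - Nothing in this function hands the certificate chosen in GetCertificado to
    the SSL handler, so no client certificate is presented in the TLS
    handshake. TIdSSLIOHandlerSocketOpenSSL takes its client certificate and
    key from SSLOptions.CertFile / SSLOptions.KeyFile. An A3 certificate keeps
    its private key on the token or smart card, and that key normally cannot
    be exported to a file.
    NOTE(review): this likely needs an OpenSSL engine that can reach the
    token, or an HTTP stack built on the Windows crypto API - confirm.
  - No SSLOptions are set, so the handler runs with Indy defaults.
    NOTE(review): confirm SSLOptions.SSLVersions matches the protocol the
    server requires, and enable peer verification (SSLOptions.VerifyMode with
    a trusted SSLOptions.RootCertFile) so the server certificate is checked. }
function EnvioWS(XML:String):String;
const
  { Endpoint taken from the question text. The original Post call passed no
    URL, but TIdHTTP.Post takes the target URL as its first argument. }
  URL_GNRE = 'https://www.testegnre.pe.gov.br/gnreWS/services/GnreLoteReception';
var
  SSLIOHandlerSocketOpenSSL: TIdSSLIOHandlerSocketOpenSSL;
  IdHTTP: TIdHTTP;
  Retorno, Envio: TStringStream;
begin
  Result := EmptyStr;

  { Local object references are not initialised by the compiler. Without this,
    the finally block could free garbage pointers when GetCertificado returns
    False or a constructor raises. }
  IdHTTP := nil;
  Retorno := nil;
  Envio := nil;
  try
    { Create and configure the HTTP client. The SSL handler is owned by IdHTTP
      and is released together with it. }
    IdHTTP := TIdHTTP.Create(nil);
    IdHTTP.HTTPOptions := [hoKeepOrigProtocol];
    SSLIOHandlerSocketOpenSSL := TIdSSLIOHandlerSocketOpenSSL.Create(IdHTTP);
    IdHTTP.IOHandler := SSLIOHandlerSocketOpenSSL;
    IdHTTP.Request.CharSet := 'UTF-8';
    IdHTTP.Request.ContentType := 'application/soap+xml; charset=utf-8';

    if GetCertificado then
    begin
      { Send to the web service.
        NOTE(review): the request declares UTF-8; confirm the stream really
        encodes XML as UTF-8 on the Delphi version in use. }
      Envio := TStringStream.Create(XML);
      Retorno := TStringStream.Create(EmptyStr);

      { Custom request headers live on IdHTTP.Request.
        NOTE(review): the SOAPAction names GnreResultadoLote/GnreConfigUF while
        the endpoint is GnreLoteReception - confirm they belong together. }
      IdHTTP.Request.CustomHeaders.Add(Format('SOAPAction: "%s"',
        ['http://www.gnre.pe.gov.br/webservice/GnreResultadoLote/GnreConfigUF']));

      IdHTTP.Post(URL_GNRE, Envio, Retorno);
      Result := Retorno.DataString;
    end;
  finally
    { Free is nil-safe, so no Assigned checks are needed. }
    Envio.Free;
    Retorno.Free;
    IdHTTP.Free;
  end;
end;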