Hey everyone,
We wanted to share an update for those using Classic ASP to call our APIs. Our server does request a client certificate but does not require one, but unfortunately the MSXML2.ServerXMLHTTP.6.0 object doesn’t properly handle client certificate authentication as per TLS standards. You might be able to find a workaround using the WINHTTP_NO_CLIENT_CERT_CONTEXT option flag with WinHttp instead, and can read more about the flag here. If that doesn’t work, another option is to pass any client certificate that you have installed on your server. This certificate isn’t used for authentication, so any certificate should theoretically be sufficient.
We understand this is disappointing, and we’re truly sorry for the disruption. However, at this time, we’re unable to provide dedicated support for Classic ASP and migrating off of Classic ASP is likely the the best long-term solution to work with our APIs.
If you have any questions or insights on workarounds that have worked for you, feel free to share them in this thread.
Thanks for your understanding,
Anjan
Edit: this StackOverflow post may be of help too. Since the certificate is not used for authentication, you can try to pass in a valid client certificate and make sure that your application has the proper permissions to use it. This approach of passing a client certificate should hopefully work for any other clients as well (incl. Non-Classic ASP) that are running into this issue.