How to read data from a Secure Socket Layers (SSL) Web server using the URL engine


When you attempt to read data from a Web site that uses Secure Socket Layers (denoted by URLs that begin with HTTPS://), the following error message might appear:

ERROR: SSL support not enabled.

In order to read an HTTPS URL, you must download the SAS/SECURE™ SSL Add-in module. SSL support is not installed by default due to trade restrictions with several countries that do not allow this protocol. The add-in can be found at  SAS/Secure Software.

In order to access the data on a secure Web site, you must also obtain a certificate from the site administrator of the SSL-enabled Web site. This certificate file needs to be imported into Internet Explorer's Trusted Root Certification Authorities following either of the two following methods.

Method 1

  1. Open Internet Explorer.
  2. Click Tools ► Internet Options ► Contents ► Certificates.
  3. Click Import.
  4. Click Next.
  5. Browse for the certificate file on your PC, and click Open.
  6. Click Next.
  7. Click the Place all certificates in the following store radio button.
  8. Browse for certificate store and select Trusted Root Certification Authorities.
  9. Look over the settings, and then click Finish.

Method 2

  1. Open Internet Explorer.
  2. Open the Web site you are trying to access, (which should prompt you with a Security Alert dialog about viewing pages over a secure connection)and then select OK (unless you have selected not to show this window again). A Choose a digial certificate dialog box appears.
  3. Select OK. A Security Alert dialog box appears explaining that the security certificate was issued by a company you have not choosen to trust.
  4. Select Yes. The certificate dialog opens.
  5. Select Install Certificate. The Certificate Import Wizard starts.
  6. Select Next.
  7. On the Certificate Store, select Browse to "Place all certificates in the following store."
  8. In the Select Certificate Store, change the highlight from Personal to Trusted Root Certification Authorities, and then select OK.
  9. Select Next at the Trusted Root Certification Authorities store prompt, then select Finish on the Completing the Certificate Import Wizard.
  10. On the Security Warning, select Yes to install the certificate. You should receive a dialog box stating that the import was successful.
  11. Click OK.

Note: Only sites that prompt for user credentials in a pop-up prompt box can be accessed. The USER= and PASS= parameters will supply your credentials to the site. For example:

options SSLCLIENTAUTH; filename foo url 'https://www.examplecase.com/filename.dat' user='xxxxx' pass='xxxx';

SAS still will not be able to enter Web sites that require a user ID and password to be provided via a login form on the site.