I'm trying to get to a webservice with the http plugin. The service runs on a server with a security certificate. Therefore I created a script like this:
var httpmsg = plugins.http.createNewHttpClient();
var postmsg = httpmsg.createPostRequest('https://www.someservice.nl/api/etc/ect/request');
postmsg.addHeader('Extra-header', securitykey);
respons = postmsg.executeRequest();
When I do this the respons on this URL is always <null>; while doing it in a browser gives a valid (and logic) respons.
I checked with the http plugin and it seems that roughly 9 out of 10 "https" (not http) url's all give <null> when fired with:
plugins.http.getPageData(url);
Is there an issue with security certificates? I'm sure the certificate on this server I try to reach is a valid one and paid for.
Anyone any suggestions?
https protocol with http plugin
8 posts
• Page 1 of 1
Re: https protocol with http plugin
by boonstrj » Thu Jan 17, 2013 6:29 pm
Check the log file, it should give you more info.
Jeroen Boonstra
2Serve-IT
Servoy version 5.2.13/6.1.x/7.1.0
2Serve-IT
Servoy version 5.2.13/6.1.x/7.1.0
- boonstrj
- Posts: 63
- Joined: Mon Jan 07, 2008 11:49 am
- Location: Netherlands
Re: https protocol with http plugin
by jos@devoon.nl » Fri Jan 18, 2013 9:16 am
Ok the log says:
2013-01-18 08:10:24,985 ERROR [AWT-EventQueue-0] com.servoy.j2db.util.Debug - Throwable [EEC7EBD9-C9F0-472D-934F-6175D8BFCCF9 ASSYST]
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
So the connection is blocked because of the certificate: "peer not authenticated"(?)
Why the browserbean can connect the same url without explicit authentication?
What should we do do connect to this url with the http plugin?
2013-01-18 08:10:24,985 ERROR [AWT-EventQueue-0] com.servoy.j2db.util.Debug - Throwable [EEC7EBD9-C9F0-472D-934F-6175D8BFCCF9 ASSYST]
javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
So the connection is blocked because of the certificate: "peer not authenticated"(?)
Why the browserbean can connect the same url without explicit authentication?
What should we do do connect to this url with the http plugin?
Jos Uitenbogaard
Devoon
Devoon
-
jos@devoon.nl - Posts: 60
- Joined: Tue Oct 25, 2011 11:59 am
- Location: Reeuwijk NL
Re: https protocol with http plugin
by boonstrj » Fri Jan 18, 2013 10:22 am
Yes.
I don't know what method the browser bean uses to authenticate certificates.
But the HTTP plugin uses the Java security list. I had the same problem with my test site using a self signed certificate, I had to manually add this certificate to the Java security list (don't ask me how it's been a while ago). But you said it was a valid certificate so maybe it can only validated online, you can try setting this option in the Java control panel (Advanced tab-> security -> general -> Eneable online certificate validation). I don't know if this works I haven't tried this and I'm not an expert on this.
Hope this helps,
I don't know what method the browser bean uses to authenticate certificates.
But the HTTP plugin uses the Java security list. I had the same problem with my test site using a self signed certificate, I had to manually add this certificate to the Java security list (don't ask me how it's been a while ago). But you said it was a valid certificate so maybe it can only validated online, you can try setting this option in the Java control panel (Advanced tab-> security -> general -> Eneable online certificate validation). I don't know if this works I haven't tried this and I'm not an expert on this.
Hope this helps,
Jeroen Boonstra
2Serve-IT
Servoy version 5.2.13/6.1.x/7.1.0
2Serve-IT
Servoy version 5.2.13/6.1.x/7.1.0
- boonstrj
- Posts: 63
- Joined: Mon Jan 07, 2008 11:49 am
- Location: Netherlands
Re: https protocol with http plugin
by jos@devoon.nl » Fri Jan 18, 2013 10:40 am
Thanks for your answer. I tried that setting in the java prefs. No difference.
The certificate is worldwide accepted; it is even in the list of trusted certificates in the java prefs pane...
This is very frustrating.
The certificate is worldwide accepted; it is even in the list of trusted certificates in the java prefs pane...
This is very frustrating.
Jos Uitenbogaard
Devoon
Devoon
-
jos@devoon.nl - Posts: 60
- Joined: Tue Oct 25, 2011 11:59 am
- Location: Reeuwijk NL
Re: https protocol with http plugin
by boonstrj » Fri Jan 18, 2013 5:35 pm
Have a look at this article:
http://garbagerie.wordpress.com/2011/12/06/javax-net-ssl-sslpeerunverifiedexception-peer-not-authenticated-even-with-seemingly-valid-certificate/
http://garbagerie.wordpress.com/2011/12/06/javax-net-ssl-sslpeerunverifiedexception-peer-not-authenticated-even-with-seemingly-valid-certificate/
Jeroen Boonstra
2Serve-IT
Servoy version 5.2.13/6.1.x/7.1.0
2Serve-IT
Servoy version 5.2.13/6.1.x/7.1.0
- boonstrj
- Posts: 63
- Joined: Mon Jan 07, 2008 11:49 am
- Location: Netherlands
Re: https protocol with http plugin
by Harjo » Sat Jan 19, 2013 2:40 am
This happens also with certificates from (crappy/free)StartSSL, they are accepted by browsers, but not with Java
- Harjo
- Posts: 4321
- Joined: Fri Apr 25, 2003 11:42 pm
- Location: DEN HAM OV, The Netherlands
Re: https protocol with http plugin
by jos@devoon.nl » Tue Jan 22, 2013 9:47 am
The article Jeroen supplied was very helpfull. The server admin changed the installation of the certificate so now the entire chain is valid for java.
It looks like this problem occurs on about 9 out of 10 https servers. Java should do something about it or may be Servoy can do something to make sure Servoy solutions can work with it?
It looks like this problem occurs on about 9 out of 10 https servers. Java should do something about it or may be Servoy can do something to make sure Servoy solutions can work with it?
Jos Uitenbogaard
Devoon
Devoon
-
jos@devoon.nl - Posts: 60
- Joined: Tue Oct 25, 2011 11:59 am
- Location: Reeuwijk NL
8 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 2 guests