[MarkLogic Dev General] Problem with verifying SSL certificates

Wed, 28 Oct 2015 09:40:36 -0700 

Hello all,

I’m attempting to make an API call using xdml:http-get and having a problem 
with the SSL certificate verification. Here’s the code I’m using:

let $accountInfo := xdmp:http-get($baseURI,
                                 <options xmlns="xdmp:http">
                                   <authentication method="basic">
                                     <username>username</username>
                                     <password>password</password>
                                   </authentication>
                                   <verify-cert>true</verify-cert>
                                 </options>)

And here’s the error message I get:

System ID: /Users/bshort/Documents/Digital objects/api 
testing/get_account_test.xquery
Severity: error
Description: SVC-SOCCONN: 
xdmp:http-get("https://api-publisher.mirror-image.com:443/v5/<https://api-publisher.mirror-image.com/v5/>",
 <options xmlns="xdmp:http"><authentication 
method="basic"><username>nejm</username><passwor...</options>) -- Socket 
connect error: SSL_connect 172.16.12.139:52345-104.131.189.21:443: certificate 
verify failed (0x14090086)
Start location: 13:0

We’ve verified that the certificates are valid and that the call isn’t being 
blocked by our firewall (the trace showed the connection reaching from the 
firewall to the IP address). In addition, when I tried to replicate the call 
through other tools (including Postman and Python’s Requests module), I am able 
to make the call without errors. Finally, if I set verify-cert to false, the 
call goes through. We’re at the point where we think this might be a MarkLogic 
bug of some kind. Has anyone out there run into a problem like this before?

Thanks very much,
-Brendan Short

Brendan Short  |  Team Leader, Content Systems  |  NEJM Group
860 Winter Street, Waltham, MA 02451  |  781-434-7166  | 
[email protected]<mailto:[email protected]>



This email message is a private communication.  The information transmitted, 
including attachments, is intended only for the person or entity to which it is 
addressed and may contain confidential, privileged, and/or proprietary 
material.  Any review, duplication, retransmission, distribution, or other use 
of, or taking of any action in reliance upon, this information by persons or 
entities other than the intended recipient is unauthorized by the sender and is 
prohibited.  If you have received this message in error, please contact the 
sender immediately by return email and delete the original message from all 
computer systems.  Thank you.

_______________________________________________
General mailing list
[email protected]
Manage your subscription at: 
http://developer.marklogic.com/mailman/listinfo/general

Reply via email to