Hi Asit,
I ran into a similar problem. Here’s the thread on that discussion:
http://developer.marklogic.com/pipermail/general/2015-November/018231.html
If you set <verify-cert>false</verify-cert> in the http-get options, your call
should work, but MarkLogic will not verify that the SSL certificate is valid.
If you trust the site/authority you are calling then setting
<verify-cert>false</verify-cert> is one way to go. Not the best way to go, but
one way.
As I understand it, the problem is that the SSL certificates for the site you
are calling needs to be in list located in Configure -> Security - Certificate
Authorities.
If the Certificate is not there, then MarkLogic will not be able to valid SSL
certificates when you make HTTPS calls. That’s why you are seeing:
Socket connect error
If you want to MarkLogic to verify the cert when you ,make the HTTPS call, then
you will need to import a new Certificate Authority record in Configure ->
Security - Certificate Authorities
Best Wishes,
Rob
Robert Chavez | Senior Content Solutions Architect | NEJM Group
860 Winter Street, Waltham, MA 02451 | 781-434-7537 |
r<mailto:[email protected]>[email protected]<mailto:[email protected]>
On Nov 30, 2015, at 12:39 PM, Asit Nautiyal
<[email protected]<mailto:[email protected]>> wrote:
Hi Geert,
xdmp:http-get() function is not working for "https" URL's. Its working fine
with "http" only. I tried with many URL's.
Please find below one example:
xdmp:http-get("http<http://www.tutorialspoint.com/>://www.tutorialspoint.com/<http://www.tutorialspoint.com/>",())
This working fine.
But not working for
xdmp:http-get("https<https://en.wikipedia.org/wiki/MarkLogic>://en.wikipedia.org/wiki/MarkLogic<https://en.wikipedia.org/wiki/MarkLogic>",())
and I am getting error :
Socket connect error: SSL_connect 192.168.1.7:61527-208.80.154.224:443:
certificate verify failed
So, xdmp:http-get() function is not able to call "https" URL's, then what is
the solution for this. How can I call "https" from MarkLogic code side?
Regards,
Asit Nautiyal
________________________________
From: [email protected]<mailto:[email protected]>
To: [email protected]<mailto:[email protected]>
Date: Thu, 19 Nov 2015 18:54:47 +0000
Subject: Re: [MarkLogic Dev General] How to call "https" URL using
xdmp:http-get() method
Hi Asit,
It should normally be enough to just replace http with https in the URL. There
are a few options regarding ssl certs, but those are normally not necessary..
Kind regards,
Geert
From:
<[email protected]<mailto:[email protected]>>
on behalf of Asit Nautiyal
<[email protected]<mailto:[email protected]>>
Reply-To: MarkLogic Developer Discussion
<[email protected]<mailto:[email protected]>>
Date: Thursday, November 19, 2015 at 6:58 PM
To: "[email protected]<mailto:[email protected]>"
<[email protected]<mailto:[email protected]>>
Subject: [MarkLogic Dev General] How to call "https" URL using xdmp:http-get()
method
Hi,
We have implemented SSL on http server in MarkLogic. Now, I am not able to
access rest api's using xdmp:http-get() method from that http server because
all URL has been changed from "http" to "https". I am getting
Socket_connection:SSL error.
How can I call "https" URLs using xdmp:http-get() method?
Regards,
Asit Nautiyal
_______________________________________________ General mailing list
[email protected]<mailto:[email protected]> Manage
your subscription at:http://developer.marklogic.com/mailman/listinfo/general
_______________________________________________
General mailing list
[email protected]<mailto:[email protected]>
Manage your subscription at:
http://developer.marklogic.com/mailman/listinfo/general
This email message is a private communication. The information transmitted,
including attachments, is intended only for the person or entity to which it is
addressed and may contain confidential, privileged, and/or proprietary
material. Any review, duplication, retransmission, distribution, or other use
of, or taking of any action in reliance upon, this information by persons or
entities other than the intended recipient is unauthorized by the sender and is
prohibited. If you have received this message in error, please contact the
sender immediately by return email and delete the original message from all
computer systems. Thank you._______________________________________________
General mailing list
[email protected]
Manage your subscription at:
http://developer.marklogic.com/mailman/listinfo/general
