Here is a link to the log file from the transaction that was run. I tried posting in the email list but moderator said 40KB was too large.
www.jenkon.com/Files/UniBasicSoapLog.txt<http://www.jenkon.com/Files/UniBasicSoapLog.txt> Thanks, Glenn ________________________________ From: Glenn Batson Sent: Tuesday, July 06, 2010 3:24 PM To: u2-users@listserver.u2ug.org Subject: Help with Soap and passing certificates in UniBasic I'm hoping someone can help me out with some Soap and Certificate logic from UniBasic. We have the below code in an application (UniData 7.1.0 on Windows 2003) that has been working great for some time. The problem is the service we are talking to implemented some new code to require certificates or not. As you'll see in the code we were actually performing the addCertificate function. The service and secure soap implementation in UniBasic were not fully understood at the time this code was written. So it was probably not needed before but it worked so mostly no harm no foul. The problem now is with the new service the certificate can either be required or not required. If using a certificate it has to be one issued by the company providing the service. We have actually tried both approaches (with cert and without - commented out lines 98,99) and each time, the call to SOAPSumitRequest just hangs. It may eventually time out but I've never waited that long enough for it to abort. The logic before returned in a few seconds. The company providing the service actually see something weird in their logs. It looks like we make some initial calls to them (other calls being made prior to this logic) and then they see nothing. If I terminate my UniData telnet session then they see the actual request come through. Hope this makes sense. I should also mention that the code that was working for a long time was slightly different below. Instead of RETURN = addCertificate(CERT.PATH, 1, 1, 1, ctx) we were using RETURN = addCertificate(CERT.PATH, 2, 2, 1, ctx) because the old certificate was in DER format and it was a guess on it should be issuer certificate. With the new certificate from the company they used PEM format and they thought we should use the client/server setting. In other words the function call was different because the certificate referenced was different. So my questions are: 1) Do I have to install the certificate in the windows OS stores for certificates? I don't think I do because we didn't do that with the old certificate but I ask because the old certificate was actually one of the base certificates in Windows. 2) Is there anything wrong with the code below besides the basic style of writing? If you need to see more of the code let me know. Is the use of client/server certificate UsedAs value correct. The approach is the company running the service wants to validate we are passing them their certificate they issued us. Note that I generated the CSR from the server using the UniAdmin tool. This was sent to the service company and they generated us a .cer file. I then put this file in the location referenced via the certPath. 3) Has anyone experienced the same sort of logic where you kill the session and then the data goes through. I'm working with the service company to get the logs they are seeing on their end. If I can I'll pass those along. Any help would be greatly appreciated. 086: URL = ITEM.MASTER<NET$COMPANY.SERVICE> 087: SoapAction = "http://company.com/SPS/contracts/SPSService/GetAllPayerPayment Methods" 088: Timeout = 30000 089: * Create Security Context 090: SecContext = createSecurityContext(ctx, 'SSLv3') 091: IF SecContext=0 THEN 092: * Security Context OK 093: END ELSE 094: CALL SB.PROCESS('ERROR.MSG,3701,Security Context Failure') 095: RETURN 096: END 097: * Set Cert Path 098: CERT.PATH = ITEM.MASTER<NET$COMPANY.CERT> 099: RETURN = addCertificate(CERT.PATH, 1, 1, 1, ctx) 100: * Add Authentication Rule 101: RETURN = addAuthenticationRule(ctx, 2, "VerificationStrength", "generous") 102: RETURN = addAuthenticationRule(ctx, 2, "PeerName", "company.com") 103: * Create the Request 104: Ret = setHTTPDefault("VERSION", "1.1") 105: IF Ret = 0 THEN 106: * Set HTTP Default OK 107: END ELSE 108: CALL SB.PROCESS('ERROR.MSG,3701,Set HTTP Default Failure') 109: RETURN 110: END 111: Ret = SOAPCreateSecureRequest(URL, SoapAction, SoapReq, ctx) 112: *Ret = SOAPCreateRequest(URL, SoapAction, SoapReq) 113: IF Ret=0 THEN 114: * Create Secure Request OK 115: END ELSE 116: CALL SB.PROCESS('ERROR.MSG,3701,Create Secure Request Failed') 117: RETURN 118: END 119: * Submit the Request 120: SetRequest.Status = SOAPSetRequestContent(SoapReq, GETALLPAYERPAYMENTMETHOD S,1) 121: IF SetRequest.Status=0 THEN 122: * Request Content Status OK 123: END ELSE 124: CALL SB.PROCESS('ERROR.MSG,3701,Request Content Status Failed') *--: P 125: RETURN 126: END 127: Ret = SOAPSubmitRequest(SoapReq, Timeout, RespHeaders, RespData, SoapStatus ) 128: IF Ret <> 0 THEN 129: * Error in SoapSubmitRequest 130: STATUS=getSocketErrorMessage(Ret, errMsg) 131: CALL SB.PROCESS('ERROR.MSG,3701,':errMsg) 132: RETURN 133: END 134: * 135: * 136: * Parse Response Data (RespData) 137: * 138: RESPXML = RespData _______________________________________________ U2-Users mailing list U2-Users@listserver.u2ug.org http://listserver.u2ug.org/mailman/listinfo/u2-users