[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: x.509 certificate question(s)



I completely agree with Mike. The signature of a Soap message can be part 
of a special Soap header. The format and content of such a Soap header 
should be explained by the WSDL file or (if missing) by the web service 
provider.

Thomas.


Am 14.12.2010 17:45, schrieb Mike Krebs:
> You talked to the server just fine and received an error from the server. The server told you "No signature in message!".  The message is the XML you sent.  Back to deciphering the WSDL. Looks like you need something else in the XML you sent.
>
> ________________________________________
> From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Thomas Bishop [tbishop2@xxxxxxxxxx]
> Sent: Tuesday, December 14, 2010 6:57 AM
> To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
> Subject: x.509 certificate question(s)
>
> It's me again. I had to make do without SoapUI.
> I have written a few of the programs to make web service calls for various
> credit card transactions.
> The non-secure calls work fine.  The calls that require an X.509
> certificate fail.
> I was told that the certificate was installed and the web services server
> configured for our use.
> Prior to the certificate being installed and access being granted to the
> secure services I was receiving SSL handshake errors. I no longer receive
> those errors so I assume the certificate has been installed and the server
> has been configured to accept our requests.
>
> The two web services I am attempting are both the same call except for one
> word being different and one uses the x.509 certificate and the other does
> not.
> RegisterCreditCardForDataVaultToken requires the x.509 certificate and
> RegisterCreditCardForTemporaryToken does not.
> I initially had my URL as https:// for the secure call but was told I
> would only need that when the app is moved to production so I now have it
> as http://.  Using https:// resulted in SSL handshake errors so I
> questioned the web service guys and was told to use http:// for testing.
>
> In the httpapi_debug file I copied the XML call that works to the line
> above the XML line that fails and both are exact except for the words
> Temporary and DataVault.
>
> My question is do I need to add any additional values for the secure call?
>   I don't think so but I am stumped on what else to look for.  This is the
> first time I have had to make secure web service calls.
>
> I have the program do a DSPLY of data returned and for the failed call I
> see:
> faultstring
> No signature in message! (from client)
> env:Fault
>
> I searched the archives but did not get a result for that message.  Does
> it mean my certificate data was not sent?  I read the ReadMe text and
> verified my user id is authorized to "*SYSTEM certifcate store".
>
> Below is the debug data.  The first call to
> RegisterCreditCardForTemporaryToken worked and sent back a token number.
> The call to RegisterCreditCardForDataVaultToken fails.
>
> HTTPAPI Ver 1.23 released 2008-04-24
> OS/400 Ver V5R4M0
>
> New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
> http_persist_open(): entered
> http_long_ParseURL(): entered
> DNS resolver retrans: 2
> DNS resolver retry  : 2
> DNS resolver options: x'00000136'
> DNS default domain: HUMANA.COM
> DNS server found: 205.145.105.203
> DNS server found: 205.145.66.111
> http_persist_post(): entered
> http_long_ParseURL(): entered
> do_post(): entered
> POST /es/DataVault/TokenServices/v1.0/TokenService HTTP/1.1
> Host: 193.91.232.21:8010
> User-Agent: http-api/1.23
> Content-Type: text/xml
> Expect: 100-continue
> Content-Length: 473
> SOAPAction:
> http://schemas.humana.com/Services/DataVaultServices/TokenServices/v1.0:registerCreditCardForTemporaryTokenIn
>
>
> recvresp(): entered
> HTTP/1.1 100 Continue
> X-Note: Gateway Ack
>
>
> SetError() #13: HTTP/1.1 100 Continue
> senddoc(): entered
> <?xml version="1.0" encoding="UTF-8"?><soap:Envelope
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>  <soap:Body>
> <RegisterCreditCardForTemporaryTokenRequest
> xmlns="http://schemas.humana.com/Services/DataVaultServices/TokenServices/v1.0";>
> <CreditCardNumber>4111111111111111</CreditCardNumber>
> </RegisterCreditCardForTemporaryTokenRequest>  </soap:Body></soap:Envelope>
> recvresp(): entered
> HTTP/1.1 200 OK
> X-Backside-Transport: OK OK
> Connection: Keep-Alive
> Transfer-Encoding: chunked
> Cache-Control: no-cache, private
> Content-Type: text/xml
> Server: Microsoft-IIS/6.0
> ServerName: 09
> X-Powered-By: ASP.NET
> X-AspNet-Version: 2.0.50727
> Pragma: no-cache
> Expires: Mon, 01 Jan 1990 12:00:00 GMT
> Date: Tue, 14 Dec 2010 11:32:30 GMT
> X-Client-IP: 193.111.35.204
> Datapower: True
>
>
> SetError() #13: HTTP/1.1 200 OK
> recvdoc parms: chunked 0
> header_load_cookies() entered
> recvchunk(): entered
> get_chunk_size(): entered
> 27
>
> chunk size = 39
> get_chunk_size returned 39
> calling comm_blockread
> <?xml version="1.0" encoding="UTF-8"?>
>
> comm_blockread returned 39
>
>
> get_chunk_size(): entered
> 1c0
>
> chunk size = 448
> get_chunk_size returned 448
> calling comm_blockread
> <soap:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><RegisterCreditCardForTemporaryTokenResponse
> xmlns="http://schemas.humana.com/Services/DataVaultServices/TokenServices/v1.0";><TemporaryCreditCardToken>9754318326711111</TemporaryCreditCardToken></RegisterCreditCardForTemporaryTokenResponse></soap:Body></soap:Envelope>
> comm_blockread returned 448
>
>
> get_chunk_size(): entered
> 0
>
> chunk size = 0
> get_chunk_size returned 0
> http_close(): entered
> http_persist_open(): entered
> http_long_ParseURL(): entered
> DNS resolver retrans: 2
> DNS resolver retry  : 2
> DNS resolver options: x'00000136'
> DNS default domain: HUMANA.COM
> DNS server found: 205.145.105.203
> DNS server found: 205.145.66.111
> http_persist_post(): entered
> http_long_ParseURL(): entered
> do_post(): entered
> POST /es/DataVault/TokenServices/v1.0/TokenService HTTP/1.1
> Host: 193.91.232.21:8010
> User-Agent: http-api/1.23
> Content-Type: text/xml
> Expect: 100-continue
> Content-Length: 473
> SOAPAction:
> http://schemas.humana.com/Services/DataVaultServices/TokenServices/v1.0:registerCreditCardForDataVaultTokenIn
>
>
> recvresp(): entered
> HTTP/1.1 100 Continue
> X-Note: Gateway Ack
>
>
> SetError() #13: HTTP/1.1 100 Continue
> senddoc(): entered
> <?xml version="1.0" encoding="UTF-8"?><soap:Envelope
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>  <soap:Body>
> <RegisterCreditCardForDataVaultTokenRequest
> xmlns="http://schemas.humana.com/Services/DataVaultServices/TokenServices/v1.0";>
> <CreditCardNumber>4111111111111111</CreditCardNumber>
> </RegisterCreditCardForDataVaultTokenRequest>  </soap:Body></soap:Envelope>
> recvresp(): entered
> HTTP/1.1 500 Internal Server Error
> Content-Type: text/xml
> X-Backside-Transport: FAIL FAIL
> Connection: close
>
>
> SetError() #13: HTTP/1.1 500 Internal Server Error
> recvdoc parms: identity 0
> header_load_cookies() entered
> recvdoc(): entered
> SetError() #0:
> <?xml version="1.0" encoding="UTF-8"?>
> <env:Envelope
> xmlns:env="http://schemas.xmlsoap.org/soap/envelope/";><env:Body><env:Fault><faultcode>env:Client</faultcode><faultstring>No
> signature in message! (from
> client)</faultstring></env:Fault></env:Body></env:Envelope>
> SetError() #13: HTTP/1.1 500 Internal Server Error
> http_close(): entered
>
>
> Thank you,
>
> Thomas
>
>
> The information transmitted is intended only for the person or entity to which it is addressed and may contain CONFIDENTIAL material.  If you receive this material/information in error, please contact the sender and delete or destroy the material/information.
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list.  To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------