[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: HTTPAPI and SSL
> I can call the web service, the code on the app server executes, I
> get a response from the web service. The problem is that the soap
> envelope I construct isn't making it to the web server.
That's a new one to me. I've never heard of it successfully
establishing the connection, but then failing to send the data. Please
post a debug log so we can see what's happening.
> I've placed system.outs after every line of code on the java side and
> the input parameters are clearly not making it to the web service. I
> thought this may have something to do with the face that the test web
> service is using a self signed cert and this cert is not in the CA
> store on the AS400, but I don't think that is the problem since I can
> get the java programs to execute and return a response to the as400.
I agree. If you can successfully establish a connection and exchange
part of the data (the part that tells which service to invoke, et al)
then clearly the SSL portion of the process is working.
> Just for grins I looked at the certificate store and can't find a
> client application for the httpapi (as some internet postings alluded
> to). That really confused me since I would think that I needed to
> trust a certificate before I'd accept it. This says to me that the
> AS400 is accepting the self signed certificate from the app server
> even though I don't it doesn't come from a trusted CA. Anyone care to
> elaborate?
No client application profile is required unless you plan to do
client-side certificates (which is an unusual requirement in HTTPS)
If you WANT to have a client application profile, then it's possible to
use one. You need to call https_init('PROFILE_NAME'); when you load
your program. And you have to have a matching client application
profile set up in the DCM (by "matching", I mean it's application ID
must be 'PROFILE_NAME')
But, I don't understand why we're worried about this, considering that
we've already established that SSL isn't the problem.
Please help us focus on the problem at hand by proving a debug log.
This will clue us in as to what is and isn't working, and help us see
what the problem might be.
If you don't know how to generate one, the process is described on the
2nd half of the following page:
http://www.scottklement.com/httpapi/beta/
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------