[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

WSDL2RPG Equivalent of HTTPS_INIT (was: RE: GSKit SSL Handshake Error)

From: Scott Klement <sk@xxxxxxxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: WSDL2RPG Equivalent of HTTPS_INIT (was: RE: GSKit SSL Handshake Error)
Date: Mon, 22 Feb 2016 09:26:46 -0600

Ted,

In HTTPAPI, you associate your application with a profile in the digitalcertificate manager by calling the https_init() routine to setapplication ID.

I don't know about WSDL2RPG, however, since this is not my tool. If youever decided to use HTTPAPI directly instead of using WSDL2RPG I couldhelp you, I could offer you commercial support, I could offer youconsulting, etc. However, WSDL2RPG is not my tool, so you need to gethelp from Thomas Raddatz or at least someone who is familiar with it.

I don't understand why Thomas isn't replying, since he is replying toother posts on this list?

-SK

-------- Forwarded Message --------
Subject: 	RE: GSKit SSL Handshake Error
Date: 	Mon, 22 Feb 2016 13:56:25 +0000
From: 	Hammack, Ted <thammack@xxxxxxxxxxx>
Reply-To: 	HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
To: 	HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>

Ok, thanks Julius.

I won't waste any more time trying to get axiscStubSetSecure to work since I'm apparently barking up the wrong tree. It was the only thing we could find an article for that related to this specific error.

What you said makes sense, since I couldn't find a routine with the name of Get_(ServiceName)_stub anywhere for the getStub prototype in the example I was following. I was able to find the ....._Port_supplyLoginData routine, which I successfully modified  (at least there was one article out there that talked about using that one).

I guess we'll just keep digging for an articles until we hear from someone. Unfortunately, there's not a lot out there.

Tomas, we would gladly pay for one-on-one support time on this one.

-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Julius Kaj
Sent: Monday, February 22, 2016 6:06 AM
To: 'HTTPAPI and FTPAPI Projects'
Subject: SV: GSKit SSL Handshake Error

FWIW, I think you're mixing things up. The WSDL2RPG tool that Thomas Raddatz has created generates a stub based on the use of Scott Klement's HTTPAPI tool. That is a totally different product than IBM's IWS client.

To use a client-side certificate you can't call the axiscStubSetSecure procedure, which is related to the IBM product. You have to use the equivalent HTTPAPI procedure call instead. You'll probably need to make some small changes to the generated stub to do so. However, I think you'll need to get the attention of Thomas Raddatz. He will undoubtedly be able to point you to the exact place where you have to make changes.

Thomas is normally very good at spotting posts related to his WSDL2RPG product and help people. So have faith and don't give up just yet... :-)

-----Oprindelig meddelelse-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne af Hammack, Ted
Sendt: 19. februar 2016 14:56
Til: HTTPAPI and FTPAPI Projects
Emne: RE: GSKit SSL Handshake Error

Hi Scott, thanks for getting back to me on this.

We have been told by First Data from day 1, that we need their certificate to consume this web service. They provided us with the client and root certs, and Tony installed the applicable cert on the IBMi using DCM. In addition, I added the cert in SoapUI, and have been able to successfully test the various functions in SoapUI (which did not work without their cert). Besides, it makes sense that we need an SSL certificate based on the presence of HttpS in the WSDL URL provided....

https://merchanttest.ctexmloma.compass-xml.com:443/cmpwsapi/services

After creating the stubs and services program using the newer WSDL2RPG, I created the driver program WSFDMS001T, using the command taken from Tom's article...

WSDL2RPG URL('file:/home/hammat/order.wsdl')
SERVICE('CMPWSApiPort' 'OnlineTrans()')
SRCFILE(*LIBL/QWSDL2RPG) SRCMBR(WSFDMS001T *YES)
TYPE(*PGM) STUB(WSFDMS001) DIM(60) STRLEN(60)

After stepping through debug in the driver program (just after the OnlineRequest call) the http error message returned told me that I needed to supply the username and password (which First Data also gave to us). After adding this in the ...Port_supplyLoginData routine in the service program, the error went away, and was replaced by the GSKit SSL Handshake error.

We are now trying to get past this with a call to axiscStubSetSecure (based on the article below). However, I'm having trouble finding what generated name (routine) to point to for the getStub prototype.

http://www-01.ibm.com/support/docview.wss?uid=nas8N1011196

We have come so far with this, and are so close. Is there any other (more suitable) forum we should be posting to?

-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott Klement
Sent: Thursday, February 18, 2016 11:15 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: GSKit SSL Handshake Error

Hi Ted,

It's unclear why you would need a certificate assigned to your
application?    Can you explain the requirements, here?    The most
common scenario for a client-side application is to NOT use a certificate.  Normally, only server applications need certificates (in
like 95% of the cases.)   Unless you are referring to a CA Certificate?
That's a different matter.

If what you're looking for is a CA Certificate, then i wonder why you'd like to associate it with an application?

If you do need client-side certificates, I could tell you how to configure them in HTTPAPI, but I cannot tell you how to do so in WSDL2RPG, as that is not my project, and I am not familiar with it.

Thomas Raddatz  is usually a frequent participant on this mailing list.
Usually his responses (as well as others here) are very good and frequent, but there are no guarantees because this is "community support" on an "open source" project.  HTTPAPI also offers commercial support and consulting, but I do not know whether WSDL2RPG offers the same.

-SK

On 2/12/2016 8:24 AM, Hammack, Ted wrote:

    We recently used a newer version of WSDL2RPG (developed by Thomas
    Raddatz) to create stubs and service programs for a fairly complex WSDL
    (a WSDL that the IBM told us could not be processed by their IWS client
    tool due to the presence of "complex content extensions").



    We now have a driver program set up to consume the service. Immediately
    after executing the OnlineTransRequest, we get an HttpError_getCode
    return value of 30 and an HttpError_getText value that reads...



    "(GSKit) No certificate is available for SSL processing"



    Our LAN director says that he already installed the certificate using
    IBM's Digital Certificate Manager. Is there something else that we need
    to do that will allow us to link the program to the cert? (is there a
    built-in function that handles this in RPG?)


-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com ______________________________________________________________________

______________________________________________________________________
This email has been scanned by the Symantec Email Security.cloud service.
For more information please visit http://www.symanteccloud.com ______________________________________________________________________
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------



-----
No virus found in this message.
Checked by AVG - www.avg.com
Version: 2015.0.6189 / Virus Database: 4533/11679 - Release Date: 02/22/16



-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Follow-Ups:
- RE: WSDL2RPG Equivalent of HTTPS_INIT (was: RE: GSKit SSL Handshake Error)
  - From: Hammack, Ted

References:
- RE: GSKit SSL Handshake Error
  - From: Hammack, Ted

Prev by Date: RE: GSKit SSL Handshake Error
Next by Date: Re: Web Service using HTTP_URL_POST_STMF-Need example of target server program to receive xml file and return a xml file to the source
Previous by thread: RE: GSKit SSL Handshake Error
Next by thread: RE: WSDL2RPG Equivalent of HTTPS_INIT (was: RE: GSKit SSL Handshake Error)
Index(es):
- Date
- Thread