[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: WSDL2RPG Equivalent of HTTPS_INIT
The variables should be defined well. At least they match the prototype:
D https_init PR 10I 0
D peAppID 100A const
D peSSLv2 1N const options(*nopass)
D peSSLv3 1N const options(*nopass)
D peTLSv10 1N const options(*nopass)
D peTLSv11 1N const options(*nopass)
D peTLSv12 1N const options(*nopass)
Maybe it was useful, if you could post the debug log (without sensitive
data, such as user name and password, etc.), of course.
However I must close for today.
Thomas.
Am 22.02.2016 um 22:13 schrieb Hammack, Ted:
> Well, I'm getting a different error now (which is a form of progress, I guess)...
>
> 30: SSL Handshake: (GSKit) Peer not recognized or badly formatted message received.
>
> I used the Application ID name that appears in DCM. The variables are defined as follows (should they be defined differently?)...
>
> D rc S 10I 0 inz
> D app_id S 100A varying
>
>
> app_id = 'CMPWSAPIPORT';
> rc = https_init(app_id);
>
> Is there a field value that I can view in debug that might give me more info as to what it didn't like? All I'm able to see are the resulting values of CMPWSApiPort_HttpError_getCode() and CMPWSApiPort_HttpError_getText()
>
> -----Original Message-----
> From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Thomas Raddatz
> Sent: Monday, February 22, 2016 3:36 PM
> To: HTTPAPI and FTPAPI Projects
> Subject: RE: WSDL2RPG Equivalent of HTTPS_INIT
>
> No, it cannot be the prefix of the procedure names of the generated module.
> Actually that is something Scott should be able to answer. I assume that somebody assigned an application id to the certificates when he registered the client certificates in the cert manager.
>
> I cannot be more specific, because I never used client certificates.
>
> Sorry,
>
> Thomas.
>
> Gesendet mit AquaMail für Android
> http://www.aqua-mail.com
>
>
> Am 22. Februar 2016 9:15:57 nachm. schrieb "Hammack, Ted"
> <thammack@xxxxxxxxxxx>:
>
>> Is it simply the prefix portion of the names that appear for the procedures?
>>
>> Ex:
>> CMPWSApiPort_OnlineTrans
>> CMPWSApiPort_Port_initialize
>> CMPWSApiPort_Port_getHttpProxy
>> Etc
>>
>> ie:
>>
>> app_id = ' CMPWSApiPort';
>> rc = https_init(app_id);
>>
>> Let me know, thx.
>>
>> -----Original Message-----
>> From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
>> [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Thomas
>> Raddatz
>> Sent: Monday, February 22, 2016 2:47 PM
>> To: HTTPAPI and FTPAPI Projects
>> Subject: Re: WSDL2RPG Equivalent of HTTPS_INIT
>>
>> Should be something like this (taken from EXAMPLE3):
>>
>> app_id = 'ACMEINC_HTTPAPI_EXAMPLE3';
>> rc = https_init(app_id);
>>
>> Thomas.
>>
>> Am 22.02.2016 um 20:35 schrieb Hammack, Ted:
>>> Ok, I'll look for it, thanks.
>>>
>>> Do you have sample code that shows what we should pass as a parameter
>>> in https_init?
>>>
>>> -----Original Message-----
>>> From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
>>> [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Thomas
>>> Raddatz
>>> Sent: Monday, February 22, 2016 2:27 PM
>>> To: HTTPAPI and FTPAPI Projects
>>> Subject: Re: WSDL2RPG Equivalent of HTTPS_INIT
>>>
>>> Ted,
>>>
>>> Please try to add http_init() right before WSDL2RPG calls
>>> http_url_post_raw2():
>>>
>>> https_init(...);
>>>
>>> dou (not HttpResponse_isAuthenticationError(http_rc));
>>> // Get document from server and handle http redirects
>>> // See also: WSDL2R88.HttpResponse_isRedirect()
>>> dou (not HttpResponse_isRedirect(http_rc));
>>> http_DebugLog_appendText(
>>> '** ' + %char(%timestamp()) + ': Sending request to
>>> server');
>>>
>>> http_rc =
>>> http_url_post_raw2(
>>> url
>>> : hInpStream
>>> : %paddr('WSDL2R85_MessageContext_InputStream_read')
>>> : MessageContext_getSize(hMsgCtx)
>>> : 0
>>> : %paddr('HTTP_receiveResponse')
>>> : getTimeout()
>>> : getUserAgent()
>>> : '');
>>>
>>> if (HttpResponse_isRedirect(http_rc));
>>> url = http_redir_loc();
>>> hInpStream = reOpenInputStream(hMsgCtx: hInpStream);
>>> endif;
>>> enddo;
>>>
>>> You find http_url_post_raw2() in the generated WS_OPER module. It is
>>> the module with the following header:
>>>
>>> *================================================================
>>> * Generated by WSDL2RPG X.Y.Z / 19.04.2015
>>> * Built on Apr 19, 2015 (16:24:09)
>>> * Built for V7R2M0
>>> * Based on WS_OPER %VERSION% - %DATE%
>>>
>>> *================================================================
>>>
>>>
>>> Thomas.
>>>
>>> Am 22.02.2016 um 16:43 schrieb Hammack, Ted:
>>>> We are eagerly awaiting a reply from TR (with fingers crossed).
>>>>
>>>> I'm sure that publicly documented support on this specific item
>>>> would be a great help to others as well. It seems there is just
>>>> nothing out there on this. I'm guessing it's a simple fix too, we'll see.
>>>>
>>>> Commercial support is not ruled out as a last resort, (since this is
>>>> a hot project that the higher-up keep asking for status updates on).
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
>>>> [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott
>>>> Klement
>>>> Sent: Monday, February 22, 2016 10:27 AM
>>>> To: HTTPAPI and FTPAPI Projects
>>>> Subject: WSDL2RPG Equivalent of HTTPS_INIT (was: RE: GSKit SSL
>>>> Handshake Error)
>>>>
>>>> Ted,
>>>>
>>>> In HTTPAPI, you associate your application with a profile in the
>>>> digital certificate manager by calling the https_init() routine to set application ID.
>>>>
>>>> I don't know about WSDL2RPG, however, since this is not my tool. If
>>>> you ever decided to use HTTPAPI directly instead of using WSDL2RPG I
>>>> could help you, I could offer you commercial support, I could offer
>>>> you consulting, etc. However, WSDL2RPG is not my tool, so you need
>>>> to get help from Thomas Raddatz or at least someone who is familiar with it.
>>>>
>>>> I don't understand why Thomas isn't replying, since he is replying
>>>> to other posts on this list?
>>>>
>>>> -SK
>>>>
>>>>
>>>> -------- Forwarded Message --------
>>>> Subject: RE: GSKit SSL Handshake Error
>>>> Date: Mon, 22 Feb 2016 13:56:25 +0000
>>>> From: Hammack, Ted <thammack@xxxxxxxxxxx>
>>>> Reply-To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
>>>> To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
>>>>
>>>>
>>>>
>>>> Ok, thanks Julius.
>>>>
>>>> I won't waste any more time trying to get axiscStubSetSecure to work
>>>> since I'm apparently barking up the wrong tree. It was the only
>>>> thing we could find an article for that related to this specific error.
>>>>
>>>> What you said makes sense, since I couldn't find a routine with the
>>>> name of Get_(ServiceName)_stub anywhere for the getStub prototype in
>>>> the example I was following. I was able to find the
>>>> ....._Port_supplyLoginData routine, which I successfully modified
>>>> (at least there was one article out there that talked about using that one).
>>>>
>>>> I guess we'll just keep digging for an articles until we hear from someone.
>>>> Unfortunately, there's not a lot out there.
>>>>
>>>> Tomas, we would gladly pay for one-on-one support time on this one.
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
>>>> [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Julius
>>>> Kaj
>>>> Sent: Monday, February 22, 2016 6:06 AM
>>>> To: 'HTTPAPI and FTPAPI Projects'
>>>> Subject: SV: GSKit SSL Handshake Error
>>>>
>>>> FWIW, I think you're mixing things up. The WSDL2RPG tool that Thomas
>>>> Raddatz has created generates a stub based on the use of Scott
>>>> Klement's HTTPAPI tool. That is a totally different product than IBM's IWS client.
>>>>
>>>> To use a client-side certificate you can't call the
>>>> axiscStubSetSecure procedure, which is related to the IBM product.
>>>> You have to use the equivalent HTTPAPI procedure call instead.
>>>> You'll probably need to make some small changes to the generated
>>>> stub to do so. However, I think you'll need to get the attention of
>>>> Thomas Raddatz. He will undoubtedly be able to point you to the exact place where you have to make changes.
>>>>
>>>> Thomas is normally very good at spotting posts related to his
>>>> WSDL2RPG product and help people. So have faith and don't give up just yet...
>>>> :-)
>>>>
>>>>
>>>> -----Oprindelig meddelelse-----
>>>> Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
>>>> [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne af Hammack,
>>>> Ted
>>>> Sendt: 19. februar 2016 14:56
>>>> Til: HTTPAPI and FTPAPI Projects
>>>> Emne: RE: GSKit SSL Handshake Error
>>>>
>>>> Hi Scott, thanks for getting back to me on this.
>>>>
>>>> We have been told by First Data from day 1, that we need their
>>>> certificate to consume this web service. They provided us with the
>>>> client and root certs, and Tony installed the applicable cert on the
>>>> IBMi using DCM. In addition, I added the cert in SoapUI, and have
>>>> been able to successfully test the various functions in SoapUI
>>>> (which did not work without their cert). Besides, it makes sense
>>>> that we need an SSL certificate based on the presence of HttpS in the WSDL URL provided....
>>>>
>>>> https://merchanttest.ctexmloma.compass-xml.com:443/cmpwsapi/services
>>>>
>>>> After creating the stubs and services program using the newer
>>>> WSDL2RPG, I created the driver program WSFDMS001T, using the command
>>>> taken from Tom's article...
>>>>
>>>> WSDL2RPG URL('file:/home/hammat/order.wsdl')
>>>> SERVICE('CMPWSApiPort' 'OnlineTrans()')
>>>> SRCFILE(*LIBL/QWSDL2RPG) SRCMBR(WSFDMS001T *YES)
>>>> TYPE(*PGM) STUB(WSFDMS001) DIM(60) STRLEN(60)
>>>>
>>>> After stepping through debug in the driver program (just after the
>>>> OnlineRequest call) the http error message returned told me that I
>>>> needed to supply the username and password (which First Data also gave to us).
>>>> After adding this in the ...Port_supplyLoginData routine in the
>>>> service program, the error went away, and was replaced by the GSKit
>>>> SSL Handshake error.
>>>>
>>>> We are now trying to get past this with a call to axiscStubSetSecure
>>>> (based on the article below). However, I'm having trouble finding
>>>> what generated name (routine) to point to for the getStub prototype.
>>>>
>>>> http://www-01.ibm.com/support/docview.wss?uid=nas8N1011196
>>>>
>>>> We have come so far with this, and are so close. Is there any other
>>>> (more
>>>> suitable) forum we should be posting to?
>>>>
>>>>
>>>> -----Original Message-----
>>>> From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
>>>> [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott
>>>> Klement
>>>> Sent: Thursday, February 18, 2016 11:15 PM
>>>> To: HTTPAPI and FTPAPI Projects
>>>> Subject: Re: GSKit SSL Handshake Error
>>>>
>>>> Hi Ted,
>>>>
>>>> It's unclear why you would need a certificate assigned to your
>>>> application? Can you explain the requirements, here? The most
>>>> common scenario for a client-side application is to NOT use a certificate.
>>>> Normally, only server applications need certificates (in
>>>> like 95% of the cases.) Unless you are referring to a CA Certificate?
>>>> That's a different matter.
>>>>
>>>> If what you're looking for is a CA Certificate, then i wonder why
>>>> you'd like to associate it with an application?
>>>>
>>>> If you do need client-side certificates, I could tell you how to
>>>> configure them in HTTPAPI, but I cannot tell you how to do so in
>>>> WSDL2RPG, as that is not my project, and I am not familiar with it.
>>>>
>>>> Thomas Raddatz is usually a frequent participant on this mailing list.
>>>> Usually his responses (as well as others here) are very good and
>>>> frequent, but there are no guarantees because this is "community
>>>> support" on an "open source" project. HTTPAPI also offers
>>>> commercial support and consulting, but I do not know whether WSDL2RPG offers the same.
>>>>
>>>> -SK
>>>>
>>>> On 2/12/2016 8:24 AM, Hammack, Ted wrote:
>>>>> We recently used a newer version of WSDL2RPG (developed by Thomas
>>>>> Raddatz) to create stubs and service programs for a fairly complex WSDL
>>>>> (a WSDL that the IBM told us could not be processed by their IWS client
>>>>> tool due to the presence of "complex content extensions").
>>>>>
>>>>>
>>>>>
>>>>> We now have a driver program set up to consume the service. Immediately
>>>>> after executing the OnlineTransRequest, we get an HttpError_getCode
>>>>> return value of 30 and an HttpError_getText value that reads...
>>>>>
>>>>>
>>>>>
>>>>> "(GSKit) No certificate is available for SSL processing"
>>>>>
>>>>>
>>>>>
>>>>> Our LAN director says that he already installed the certificate using
>>>>> IBM's Digital Certificate Manager. Is there something else that we need
>>>>> to do that will allow us to link the program to the cert? (is there a
>>>>> built-in function that handles this in RPG?)
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> -
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> -
>>>>
>>>> ____________________________________________________________________
>>>> _ _ This email has been scanned by the Symantec Email Security.cloud
>>>> service.
>>>> For more information please visit http://www.symanteccloud.com
>>>> ____________________________________________________________________
>>>> _
>>>> _
>>>>
>>>> ____________________________________________________________________
>>>> _ _ This email has been scanned by the Symantec Email Security.cloud
>>>> service.
>>>> For more information please visit http://www.symanteccloud.com
>>>> ____________________________________________________________________
>>>> _
>>>> _
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> -
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> -
>>>>
>>>>
>>>>
>>>> -----
>>>> No virus found in this message.
>>>> Checked by AVG - www.avg.com
>>>> Version: 2015.0.6189 / Virus Database: 4533/11679 - Release Date:
>>>> 02/22/16
>>>>
>>>>
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> -
>>>>
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>>> --------------------------------------------------------------------
>>>> -
>>>> -
>>>> -
>>>>
>>> ---------------------------------------------------------------------
>>> -
>>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>> ---------------------------------------------------------------------
>>> -
>>> -
>>>
>>> ---------------------------------------------------------------------
>>> -
>>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>>> http://www.scottklement.com/mailman/listinfo/ftpapi
>>> ---------------------------------------------------------------------
>>> -
>>> -
>>>
>> ----------------------------------------------------------------------
>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>> http://www.scottklement.com/mailman/listinfo/ftpapi
>> ----------------------------------------------------------------------
>> -
>>
>> ----------------------------------------------------------------------
>> - This is the FTPAPI mailing list. To unsubscribe, please go to:
>> http://www.scottklement.com/mailman/listinfo/ftpapi
>> ----------------------------------------------------------------------
>> -
>
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------