We are eagerly awaiting a reply from TR (with fingers crossed).
I'm sure that publicly documented support on this specific item
would be a great help to others as well. It seems there is just
nothing out there on this. I'm guessing it's a simple fix too, we'll see.
Commercial support is not ruled out as a last resort, (since this is
a hot project that the higher-up keep asking for status updates on).
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott
Klement
Sent: Monday, February 22, 2016 10:27 AM
To: HTTPAPI and FTPAPI Projects
Subject: WSDL2RPG Equivalent of HTTPS_INIT (was: RE: GSKit SSL
Handshake Error)
Ted,
In HTTPAPI, you associate your application with a profile in the
digital certificate manager by calling the https_init() routine to set application ID.
I don't know about WSDL2RPG, however, since this is not my tool. If
you ever decided to use HTTPAPI directly instead of using WSDL2RPG I
could help you, I could offer you commercial support, I could offer
you consulting, etc. However, WSDL2RPG is not my tool, so you need
to get help from Thomas Raddatz or at least someone who is familiar with it.
I don't understand why Thomas isn't replying, since he is replying
to other posts on this list?
-SK
-------- Forwarded Message --------
Subject: RE: GSKit SSL Handshake Error
Date: Mon, 22 Feb 2016 13:56:25 +0000
From: Hammack, Ted <thammack@xxxxxxxxxxx>
Reply-To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Ok, thanks Julius.
I won't waste any more time trying to get axiscStubSetSecure to work
since I'm apparently barking up the wrong tree. It was the only
thing we could find an article for that related to this specific error.
What you said makes sense, since I couldn't find a routine with the
name of Get_(ServiceName)_stub anywhere for the getStub prototype in
the example I was following. I was able to find the
....._Port_supplyLoginData routine, which I successfully modified
(at least there was one article out there that talked about using that one).
I guess we'll just keep digging for an articles until we hear from someone.
Unfortunately, there's not a lot out there.
Tomas, we would gladly pay for one-on-one support time on this one.
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Julius
Kaj
Sent: Monday, February 22, 2016 6:06 AM
To: 'HTTPAPI and FTPAPI Projects'
Subject: SV: GSKit SSL Handshake Error
FWIW, I think you're mixing things up. The WSDL2RPG tool that Thomas
Raddatz has created generates a stub based on the use of Scott
Klement's HTTPAPI tool. That is a totally different product than IBM's IWS client.
To use a client-side certificate you can't call the
axiscStubSetSecure procedure, which is related to the IBM product.
You have to use the equivalent HTTPAPI procedure call instead.
You'll probably need to make some small changes to the generated
stub to do so. However, I think you'll need to get the attention of
Thomas Raddatz. He will undoubtedly be able to point you to the exact place where you have to make changes.
Thomas is normally very good at spotting posts related to his
WSDL2RPG product and help people. So have faith and don't give up just yet...
:-)
-----Oprindelig meddelelse-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] På vegne af Hammack,
Ted
Sendt: 19. februar 2016 14:56
Til: HTTPAPI and FTPAPI Projects
Emne: RE: GSKit SSL Handshake Error
Hi Scott, thanks for getting back to me on this.
We have been told by First Data from day 1, that we need their
certificate to consume this web service. They provided us with the
client and root certs, and Tony installed the applicable cert on the
IBMi using DCM. In addition, I added the cert in SoapUI, and have
been able to successfully test the various functions in SoapUI
(which did not work without their cert). Besides, it makes sense
that we need an SSL certificate based on the presence of HttpS in the WSDL URL provided....
https://merchanttest.ctexmloma.compass-xml.com:443/cmpwsapi/services
After creating the stubs and services program using the newer
WSDL2RPG, I created the driver program WSFDMS001T, using the command
taken from Tom's article...
WSDL2RPG URL('file:/home/hammat/order.wsdl')
SERVICE('CMPWSApiPort' 'OnlineTrans()')
SRCFILE(*LIBL/QWSDL2RPG) SRCMBR(WSFDMS001T *YES)
TYPE(*PGM) STUB(WSFDMS001) DIM(60) STRLEN(60)
After stepping through debug in the driver program (just after the
OnlineRequest call) the http error message returned told me that I
needed to supply the username and password (which First Data also gave to us).
After adding this in the ...Port_supplyLoginData routine in the
service program, the error went away, and was replaced by the GSKit
SSL Handshake error.
We are now trying to get past this with a call to axiscStubSetSecure
(based on the article below). However, I'm having trouble finding
what generated name (routine) to point to for the getStub prototype.
http://www-01.ibm.com/support/docview.wss?uid=nas8N1011196
We have come so far with this, and are so close. Is there any other
(more
suitable) forum we should be posting to?
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott
Klement
Sent: Thursday, February 18, 2016 11:15 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: GSKit SSL Handshake Error
Hi Ted,
It's unclear why you would need a certificate assigned to your
application? Can you explain the requirements, here? The most
common scenario for a client-side application is to NOT use a certificate.
Normally, only server applications need certificates (in
like 95% of the cases.) Unless you are referring to a CA Certificate?
That's a different matter.
If what you're looking for is a CA Certificate, then i wonder why
you'd like to associate it with an application?
If you do need client-side certificates, I could tell you how to
configure them in HTTPAPI, but I cannot tell you how to do so in
WSDL2RPG, as that is not my project, and I am not familiar with it.
Thomas Raddatz is usually a frequent participant on this mailing list.
Usually his responses (as well as others here) are very good and
frequent, but there are no guarantees because this is "community
support" on an "open source" project. HTTPAPI also offers
commercial support and consulting, but I do not know whether WSDL2RPG offers the same.
-SK
On 2/12/2016 8:24 AM, Hammack, Ted wrote:
We recently used a newer version of WSDL2RPG (developed by Thomas
Raddatz) to create stubs and service programs for a fairly complex WSDL
(a WSDL that the IBM told us could not be processed by their IWS client
tool due to the presence of "complex content extensions").
We now have a driver program set up to consume the service. Immediately
after executing the OnlineTransRequest, we get an HttpError_getCode
return value of 30 and an HttpError_getText value that reads...
"(GSKit) No certificate is available for SSL processing"
Our LAN director says that he already installed the certificate using
IBM's Digital Certificate Manager. Is there something else that we need
to do that will allow us to link the program to the cert? (is there a
built-in function that handles this in RPG?)