I created identity-file and certificate using the createcert-utility:

X.509 Certificate
-----------------
.... 
Serial Number:           6cde1cf266d64bca971ae9042f27996f
Issued:                  Jun 11, 2013  15:40:00
Expires:                 Jun 12, 2018  15:40:00
Signature Algorithm:     RSA, SHA1
Key Type:                RSA
Key Size:                2048 bits
Basic Constraints:       Is not a certificate authority
Key Usage:               Digital Signature, Key Encipherment, Data Eqipherment

I use following -xs options for my web-server:

-xs https(FIPS=N;PORT=8020;Identity=MSU.id;Identity_Password=...)

I create following procedure:

create procedure "dba"."fa_CMC_authentication"(
 urlSpec              long varchar,
 userPasswordEncoded  long varchar,
 certificatekey       long varchar)
    URL '!urlSpec'
    TYPE 'HTTP:POST'
    HEADER 'Authorization: Basic !userPasswordEncoded'
    CERTIFICATE '!certificatekey'
;

I run:

call "dba"."fa_CMC_authentication"(
'https:// ... :8020/ ... / ... ',
' ... ',
'certificate= ... ');

For SQL Anywhere Network Server Version 12.0.1.3967: alt text

But for SQL Anywhere Network Server Version 12.0.1.3994:

EXCEPTION at 2013-12-12 09:42:30.264: SQLCODE = -983, SQLSTATE = WW052, ERRORMSG() = HTTP request failed. Status code '<NONE>'

asked 12 Dec '13, 01:56

Ilia63's gravatar image

Ilia63
736253149
accept rate: 16%


My apologies, there was an error in my description of the Certicom / OpenSSL changes. One of the changes was listed under the FIPS-related changes, but it applies to non-FIPS as well. I've updated the list.

Speifically, if you're going to use a self-signed certificate in your identity file, that certificate must have the "certificate signing" attribute, so you need to re-create the certificate and make sure that attribute is set (option 6 in Key Usage).

permanent link

answered 12 Dec '13, 09:10

Graeme%20Perrow's gravatar image

Graeme Perrow
8.5k371108
accept rate: 51%

1

Thanks,
IF certificate:

Signature Algorithm:     RSA, SHA1
Key Type:                RSA
Key Size:                2048 bits
Basic Constraints:       Is not a certificate authority
Key Usage:               Digital Signature, Key Encipherment, Data Encipherment, 
                         Certificate Signing

then
for SQL Anywhere Network Server Version 12.0.1.3967 - OK
for SQL Anywhere Network Server Version 12.0.1.3994 - OK

(16 Dec '13, 03:31) Ilia63
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×406

question asked: 12 Dec '13, 01:56

question was seen: 682 times

last updated: 16 Dec '13, 03:33