I created identity-file and certificate using the createcert-utility: X.509 Certificate ----------------- .... Serial Number: 6cde1cf266d64bca971ae9042f27996f Issued: Jun 11, 2013 15:40:00 Expires: Jun 12, 2018 15:40:00 Signature Algorithm: RSA, SHA1 Key Type: RSA Key Size: 2048 bits Basic Constraints: Is not a certificate authority Key Usage: Digital Signature, Key Encipherment, Data Eqipherment I use following -xs options for my web-server: -xs https(FIPS=N;PORT=8020;Identity=MSU.id;Identity_Password=...) I create following procedure: create procedure "dba"."fa_CMC_authentication"( urlSpec long varchar, userPasswordEncoded long varchar, certificatekey long varchar) URL '!urlSpec' TYPE 'HTTP:POST' HEADER 'Authorization: Basic !userPasswordEncoded' CERTIFICATE '!certificatekey' ; I run: call "dba"."fa_CMC_authentication"( 'https:// ... :8020/ ... / ... ', ' ... ', 'certificate= ... '); For SQL Anywhere Network Server Version 12.0.1.3967:
But for SQL Anywhere Network Server Version 12.0.1.3994: EXCEPTION at 2013-12-12 09:42:30.264: SQLCODE = -983, SQLSTATE = WW052, ERRORMSG() = HTTP request failed. Status code '<NONE>' |
My apologies, there was an error in my description of the Certicom / OpenSSL changes. One of the changes was listed under the FIPS-related changes, but it applies to non-FIPS as well. I've updated the list. Speifically, if you're going to use a self-signed certificate in your identity file, that certificate must have the "certificate signing" attribute, so you need to re-create the certificate and make sure that attribute is set (option 6 in Key Usage). 1
Thanks, Signature Algorithm: RSA, SHA1 Key Type: RSA Key Size: 2048 bits Basic Constraints: Is not a certificate authority Key Usage: Digital Signature, Key Encipherment, Data Encipherment, Certificate Signing then
(16 Dec '13, 03:31)
Ilia63
|