Please be aware that the content in SAP SQL Anywhere Forum will be migrated to the SAP Community in June and this forum will be retired.

DigiCert-certificate for web client procedure/function

2

The site has the following chain of certificates: 

- DigiCert Global Root CA (RSA, SHA256 / Digital Signature, Certificate Signing, CRL Signing)

- - DigiCert Global Root CA (RSA, SHA256 / Digital Signature, Certificate Signing, CRL Signing)

- - - DigiCert SHA2 Secure Server CA (RSA, SHA256 / Digital Signature, Key Encipherment)

However, these certificates do not work for 12.0.1.4436-server: 
SQLCODE = -983, SQLSTATE = WW052, ERRORMSG() = HTTP request failed. Status code '<NONE>'

Similar behavior was described in:
How to download a file from internet using sql anywhere that requires a certificate?
How to download a file from internet using sql anywhere 11 that requires a certificate?

Tell me, please, which certificate can be used in web client procedure/function.

asked 07 Mar '17, 09:11

Ilia63's gravatar image

Ilia63
1.2k515782
accept rate: 44%

Are you specifying the root certificate in the procedure definition?

(08 Mar '17, 09:17) Graeme Perrow
Replies hidden

Yes. 


alter PROCEDURE sp_4sms()
    URL 'https://sms.dhcc.ae/...'
    TYPE 'HTTP:POST:application/x-www-form-urlencoded'
    CERTIFICATE 'certificate=
-----BEGIN CERTIFICATE-----
MIIDrzCCApegAwIBAgIQCDvgVpBCRrGhdWrJWZHHSjANBgkqhkiG9w0BAQUFADBh
MQswCQYDVQQGEwJVUzEVMBMGA1UEChMMRGlnaUNlcnQgSW5jMRkwFwYDVQQLExB3
d3cuZGlnaWNlcnQuY29tMSAwHgYDVQQDExdEaWdpQ2VydCBHbG9iYWwgUm9vdCBD
QTAeFw0wNjExMTAwMDAwMDBaFw0zMTExMTAwMDAwMDBaMGExCzAJBgNVBAYTAlVT
MRUwEwYDVQQKEwxEaWdpQ2VydCBJbmMxGTAXBgNVBAsTEHd3dy5kaWdpY2VydC5j
b20xIDAeBgNVBAMTF0RpZ2lDZXJ0IEdsb2JhbCBSb290IENBMIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4jvhEXLeqKTTo1eqUKKPC3eQyaKl7hLOllsB
CSDMAZOnTjC3U/dDxGkAV53ijSLdhwZAAIEJzs4bg7/fzTtxRuLWZscFs3YnFo97
nh6Vfe63SKMI2tavegw5BmV/Sl0fvBf4q77uKNd0f3p4mVmFaG5cIzJLv07A6Fpt
43C/dxC//AH2hdmoRBBYMql1GNXRor5H4idq9Joz+EkIYIvUX7Q6hL+hqkpMfT7P
T19sdl6gSzeRntwi5m3OFBqOasv+zbMUZBfHWymeMr/y7vrTC0LUq7dBMtoM1O/4
gdW7jVg/tRvoSSiicNoxBN33shbyTApOB6jtSj1etX+jkMOvJwIDAQABo2MwYTAO
BgNVHQ8BAf8EBAMCAYYwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUA95QNVbR
TLtm8KPiGxvDl7I90VUwHwYDVR0jBBgwFoAUA95QNVbRTLtm8KPiGxvDl7I90VUw
DQYJKoZIhvcNAQEFBQADggEBAMucN6pIExIK+t1EnE9SsPTfrgT1eXkIoyQY/Esr
hMAtudXH/vTBH1jLuG2cenTnmCmrEbXjcKChzUyImZOMkXDiqw8cvpOp/2PV5Adg
06O/nVsJ8dWO41P0jmP6P6fbtGbfYmbW0W5BjfIttep3Sp+dWOIrWcBAI+0tKIJF
PnlUkiaY4IBIqDfv8NZ5YBberOgOzW6sRBc4L0na4UU+Krk2U886UAb3LujEV0ls
YSEY1QSteDwsOoBrp+uvFRTp2InBuThs4pFsiv9kuXclVzDAGySj4dzp30d8tbQk
CAUw7C29C79Fv1C5qfPrmAESrciIxpg0X40KPMbp1ZWVbd4=
-----END CERTIFICATE-----'


where certificate 


X.509 Certificate




Common Name:             DigiCert Global Root CA
Country Code:            US
Organization:            DigiCert Inc
Organizational Unit:     www.digicert.com
Issuer:                  DigiCert Global Root CA
Serial Number:           83be056904246b1a1756ac95991c74a
Issued:                  Nov 10, 2006   3:00:00
Expires:                 Nov 10, 2031   3:00:00
Signature Algorithm:     RSA, SHA1
Key Type:                RSA
Key Size:                2048 bits
Basic Constraints:       Is a certificate authority, path length limit: 0
Key Usage:               Digital Signature, Certificate Signing, CRL Signing

(09 Mar '17, 03:23) Ilia63
One Answer:
active answersoldest answersnewest answerspopular answers
0

Thanks for posting the procedure definition. I am seeing the same problem but all I can tell is that the SQLA HTTP server is shutting down the connection during the TLS handshake. We have no way to know why.

permanent link

answered 09 Mar '17, 15:39

Graeme%20Perrow's gravatar image

Graeme Perrow
9.6k379124
accept rate: 54%

edited 13 Mar '17, 08:16

Thanks.
Is this a singularity of this particular (DigiCert) certificate?
Is there a workaround to set the request for a site with such a certificate?

(13 Mar '17, 02:26) Ilia63

Don't you have to include the site certificate together with the root certificate ? I think I have heard that you have to provide both.

(13 Mar '17, 06:45) Thomas Dueme...

Sorry, there was a typo in my reply. The HTTP server is the one shutting down the connection, not the SQLA server. There may be a workaround but I'd have to know why the connection is being shut down first. You are specifying the correct certificate, as far as I can tell.

(13 Mar '17, 08:18) Graeme Perrow
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

learn more about Markdown

Question tags:

×48
×35

question asked: 07 Mar '17, 09:11

question was seen: 2,170 times

last updated: 13 Mar '17, 08:18

Related questions

Variable url in web client function

retrieving header values of web client function

4K monitor font size

Read Ultralite table size

webclient function

SA12 stored procedure/function bug?

http:get username password

How to retrieve cookie from Web Service

Browsing a https web server with certificate from other database server

SA12 performance when ROW_COUNTS option turned on