Please be aware that the content in SAP SQL Anywhere Forum will be migrated to the SAP Community in June and this forum will be retired.

Hello. I want to enable the https web service protocol but I am having an issue. I am using SQL Anywhere 16 build 1691. Here's my service configuration.

-x tcpip(port=xxx03) -xs http(port=xxx05) -xs https(fips=N;port=443;Identity=xxx.pem;identity_password=xxx) -n xxxx xxxx.db

If I call the web service using http, I get the results very quickly. When I use https, it times out. The database resides on an Azure server. Here's some of the cert info.

Signature Algorithm: RSA, SHA256

Key Type: RSA

Key Size: 1024 bits

Basic Constraints: Is not a certificate authority

Key Usage: Digital Signature, Key Encipherment, Data Encipherment, Key Agreement

All significant ports are open on the Azure server and I placed the certificate in the Trusted Root Certification Authorities. What am I missing? Any help will be appreciated.

Thanks, Rick

asked 22 Apr, 11:54

rgonzo67's gravatar image

rgonzo67
1113
accept rate: 0%

edited 22 Apr, 12:20

What web client do you use? A SQL Anywhere database client or a browser or client app?

SQL Anywhere 16.0.0.1691 is really old, the crypto libs and rules for certificate validation have changed during version 16 and 17...

(22 Apr, 12:25) Volker Barth

I've been testing using Postman or just a web browser. Unfortunately, right now, upgrading to 17 is not an option.

(22 Apr, 12:32) rgonzo67
Replies hidden
1

Can you experiment with HTTP(VERSION=1.1;KTIMEOUT=30). Use VERSION=1.1 and the KTIMEOUT can be something different than 30 but start there. I would also enable logging (-z engine option and HTTPS LogOptions protocol option) to gather more diagnostics for this issue.

I would also reiterate that you are running a very old version of SQL Anywhere and that it is using a very old version of OpenSSL - one that is at risk for the OpenSSL vulnerability known as Heartbleed (fixed in Build 1824). There were other updates to OpenSSL before the last SA16 patch that may address other vulnerabilities (I cannot recall specifically).

(22 Apr, 17:27) Chris Keating

Well, 16.0.0.2798 is the last v16 EBF, that's what I would at least update to...

(23 Apr, 04:34) Volker Barth

I wish I could but finding that EBF seems impossible.

(25 Apr, 13:52) rgonzo67

Hm, you might ask that as a separate question here...

I remember I could access SQL Anywhere 16 and older downloads as "archived products" in the SAP Support Portal Software Download section a while ago but currently I am only able to access SQL Anywhere 17. And searching within the Support Portal does not offer useful suggestions, it's really annoying ... :/

(26 Apr, 03:16) Volker Barth

Can I confirm that from the Download Software page, navigate as follows:

  • Support Packages & Patches 
  • Archive by Alphabetical Index (A-Z)
  • S
    • Sybase SQL Anywhere
(26 Apr, 08:54) Chris Keating

Aargh, SAP is still a German-based company, and that subtitle is unluckily translated to German as

Nach alphabetischem Index archivieren (A-Z)

which means "To Archive by alphabetical index (A-Z)" instead of something like "Archiv nach alphabetischem Index (A-Z)" - and made me think "No, I don't want to archive anything...".

Well, as the Golden rule tells: "Watcom does (or did?) things the way they should be done". Apparently (and unfortunately), SAP has a different approach.

But yes, I can access EBFs for V9-v16 there, so that's at least alright.

(26 Apr, 09:29) Volker Barth
showing 3 of 8 show all flat view
Be the first one to answer this question!
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×261
×66
×25

question asked: 22 Apr, 11:54

question was seen: 251 times

last updated: 26 Apr, 09:31