|
Hello. I want to enable the https web service protocol but I am having an issue. I am using SQL Anywhere 16 build 1691. Here's my service configuration. -x tcpip(port=xxx03) -xs http(port=xxx05) -xs https(fips=N;port=443;Identity=xxx.pem;identity_password=xxx) -n xxxx xxxx.db If I call the web service using http, I get the results very quickly. When I use https, it times out. The database resides on an Azure server. Here's some of the cert info. Signature Algorithm: RSA, SHA256 Key Type: RSA Key Size: 1024 bits Basic Constraints: Is not a certificate authority Key Usage: Digital Signature, Key Encipherment, Data Encipherment, Key Agreement All significant ports are open on the Azure server and I placed the certificate in the Trusted Root Certification Authorities. What am I missing? Any help will be appreciated. Thanks, Rick |
Please be aware that the content in SAP SQL Anywhere Forum will be migrated to the SAP Community in June and this forum will be retired.
Follow this question
By Email:Once you sign in you will be able to subscribe for any updates here
By RSS:Markdown Basics
- *italic* or _italic_
- **bold** or __bold__
- link:[text](http://url.com/ "title")
- image?
- numbered list: 1. Foo 2. Bar
- to add a line break simply add two spaces to where you would like the new line to be.
- basic HTML tags are also supported
Question tags:
question asked: 22 Apr, 11:54
question was seen: 172 times
last updated: 26 Apr, 09:31
What web client do you use? A SQL Anywhere database client or a browser or client app?
SQL Anywhere 16.0.0.1691 is really old, the crypto libs and rules for certificate validation have changed during version 16 and 17...
I've been testing using Postman or just a web browser. Unfortunately, right now, upgrading to 17 is not an option.
Can you experiment with HTTP(VERSION=1.1;KTIMEOUT=30). Use VERSION=1.1 and the KTIMEOUT can be something different than 30 but start there. I would also enable logging (-z engine option and HTTPS LogOptions protocol option) to gather more diagnostics for this issue.
I would also reiterate that you are running a very old version of SQL Anywhere and that it is using a very old version of OpenSSL - one that is at risk for the OpenSSL vulnerability known as Heartbleed (fixed in Build 1824). There were other updates to OpenSSL before the last SA16 patch that may address other vulnerabilities (I cannot recall specifically).
Well, 16.0.0.2798 is the last v16 EBF, that's what I would at least update to...
I wish I could but finding that EBF seems impossible.
Hm, you might ask that as a separate question here...
I remember I could access SQL Anywhere 16 and older downloads as "archived products" in the SAP Support Portal Software Download section a while ago but currently I am only able to access SQL Anywhere 17. And searching within the Support Portal does not offer useful suggestions, it's really annoying ... :/
Can I confirm that from the Download Software page, navigate as follows:
Aargh, SAP is still a German-based company, and that subtitle is unluckily translated to German as
which means "To Archive by alphabetical index (A-Z)" instead of something like "Archiv nach alphabetischem Index (A-Z)" - and made me think "No, I don't want to archive anything...".
Well, as the Golden rule tells: "Watcom does (or did?) things the way they should be done". Apparently (and unfortunately), SAP has a different approach.
But yes, I can access EBFs for V9-v16 there, so that's at least alright.