Show Posts
This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.
1
Web Server - Ask For Help / Re: 2 way certificate authentication
« on: January 08, 2025, 01:32:43 AM »
Hi Bruce and Jane
I have got it working
My webservice has my own self signed certificate in place.
So I can receive the Json notification from the customer API
ThisWebserver.SSL = 1 ! Use SSL to make a Secure Web Server
ThisWebserver.SSLCertificateOptions.DontVerifyRemoteCertificateCommonName = 1
ThisWebserver.SSLCertificateOptions.DontVerifyRemoteCertificateWithCARoot = 1
ThisWebserver.SSLCertificateOptions.CertificateFile = 'c:\webservice\certificates\deo.aag.nl.crt'
ThisWebserver.SSLCertificateOptions.PrivateKeyFile = 'c:\webservice\certificates\deo.aag.nl.key'
ThisWebserver.SSLCertificateOptions.ServerName = 'deo.aag.nl'
After receiving the notification, I had to send an ID to get the object information from the cutomer API.
So I had to use a client certificate aagweb-2025.pfx (signed by him) to authenticate myself to his API
With openssl I created a key and crt file out of the aagweb-2025.pfx :
openssl pkcs12 -in aagweb-2025.pfx -nocerts -out aagweb-2025.key
openssl pkcs12 -in aagweb-2025.pfx -clcerts -nokeys -out aagweb-2025.crt
openssl rsa -in aagweb-2025.key -out aagweb-2025-encrypted.key
To do so I created a seperate window which I call from the Netwebservice method zgw2aag (see picture)
The window has a NetWebClient class and doesn't show
NetWeb.SSL = 1
NetWeb.SSLCertificateOptions.CertificateFile = 'c:\webservice\certificates\aagweb-2025.crt'
NetWeb.SSLCertificateOptions.PrivateKeyFile = 'c:\webservice\certificates\aagweb-2025-encrypted.key'
NetWeb.SSLCertificateOptions.DontVerifyRemoteCertificateCommonName = 1
NetWeb.SSLCertificateOptions.DontVerifyRemoteCertificateWithCARoot = 1
! NetWeb.customheader = 'apikey: 04tf2345ff67gh2a95e12fake'
NetWeb.Authorization = 'Token 04tf2345ff67gh2a95e12fake'
NetWeb.Get(Glo:ObjUrl)
After this I can receive the Json in the Packetreceived Embed
Thanks for all your suggestions
Joep
I have got it working
My webservice has my own self signed certificate in place.
So I can receive the Json notification from the customer API
ThisWebserver.SSL = 1 ! Use SSL to make a Secure Web Server
ThisWebserver.SSLCertificateOptions.DontVerifyRemoteCertificateCommonName = 1
ThisWebserver.SSLCertificateOptions.DontVerifyRemoteCertificateWithCARoot = 1
ThisWebserver.SSLCertificateOptions.CertificateFile = 'c:\webservice\certificates\deo.aag.nl.crt'
ThisWebserver.SSLCertificateOptions.PrivateKeyFile = 'c:\webservice\certificates\deo.aag.nl.key'
ThisWebserver.SSLCertificateOptions.ServerName = 'deo.aag.nl'
After receiving the notification, I had to send an ID to get the object information from the cutomer API.
So I had to use a client certificate aagweb-2025.pfx (signed by him) to authenticate myself to his API
With openssl I created a key and crt file out of the aagweb-2025.pfx :
openssl pkcs12 -in aagweb-2025.pfx -nocerts -out aagweb-2025.key
openssl pkcs12 -in aagweb-2025.pfx -clcerts -nokeys -out aagweb-2025.crt
openssl rsa -in aagweb-2025.key -out aagweb-2025-encrypted.key
To do so I created a seperate window which I call from the Netwebservice method zgw2aag (see picture)
The window has a NetWebClient class and doesn't show
NetWeb.SSL = 1
NetWeb.SSLCertificateOptions.CertificateFile = 'c:\webservice\certificates\aagweb-2025.crt'
NetWeb.SSLCertificateOptions.PrivateKeyFile = 'c:\webservice\certificates\aagweb-2025-encrypted.key'
NetWeb.SSLCertificateOptions.DontVerifyRemoteCertificateCommonName = 1
NetWeb.SSLCertificateOptions.DontVerifyRemoteCertificateWithCARoot = 1
! NetWeb.customheader = 'apikey: 04tf2345ff67gh2a95e12fake'
NetWeb.Authorization = 'Token 04tf2345ff67gh2a95e12fake'
NetWeb.Get(Glo:ObjUrl)
After this I can receive the Json in the Packetreceived Embed
Thanks for all your suggestions
Joep
2
Web Server - Ask For Help / Re: 2 way certificate authentication
« on: December 21, 2024, 02:13:44 AM »
Hi Bruce and Jane
This is indeed how I have to go on.
With the automatic Window procedure and the call from the NetWebServiceMethod server code I can do the second call.
And with a new key and crt file in place this one is secure too. (I will make the crt and key file with openssl from the pfx I got from the consumer)
Thanks both for your understanding and suggestions.
I wil let you know when or if this works.
Thanks Joep
This is indeed how I have to go on.
With the automatic Window procedure and the call from the NetWebServiceMethod server code I can do the second call.
And with a new key and crt file in place this one is secure too. (I will make the crt and key file with openssl from the pfx I got from the consumer)
Thanks both for your understanding and suggestions.
I wil let you know when or if this works.
Thanks Joep
3
Web Server - Ask For Help / Re: 2 way certificate authentication
« on: December 18, 2024, 05:53:29 AM »
Hi Bruce,
Sorry for the late reaction. There is still some confusion at the customer.
But to answer your questions.
I am server and client.
See the attachments how it looks.
So i get an notification from the customer (Api service) saying there is a new object available.
This works with certificates ( no problem)
The notification is a json with the unique number.
From there I have to send From ower Server a new json message asking for the object with the previous number from the notification.
Hope this helps to clear things.
What I also wanted to ask is how I can do the get from a netwebservice method?
Cheers
Joep
Sorry for the late reaction. There is still some confusion at the customer.
But to answer your questions.
I am server and client.
See the attachments how it looks.
So i get an notification from the customer (Api service) saying there is a new object available.
This works with certificates ( no problem)
The notification is a json with the unique number.
From there I have to send From ower Server a new json message asking for the object with the previous number from the notification.
Hope this helps to clear things.
What I also wanted to ask is how I can do the get from a netwebservice method?
Cheers
Joep
4
Web Server - Ask For Help / Re: 2 way certificate authentication
« on: December 12, 2024, 07:44:58 AM »
Hi Jane and Bruce,
<< If that's what is meant by "2 way certificate authentication" then I think you need to figure out to use a client certificate (signed by him) to authenticate yourself to his API.
This is indeed the situation
like I said my webservice is secure (key and crt in place and the crt is referenced in the software of the external webservice, done by "him")
I tested this with postman locally
Now I have to look for a way to get the "signed csr which I got from the external party) in my webservice. The other way.
Where the external party says I have to convert it to pfx first with openssl.
Like Jane puts it I have to dig in deeper or even take several test with postman.
Regards Joep
<< If that's what is meant by "2 way certificate authentication" then I think you need to figure out to use a client certificate (signed by him) to authenticate yourself to his API.
This is indeed the situation
like I said my webservice is secure (key and crt in place and the crt is referenced in the software of the external webservice, done by "him")
I tested this with postman locally
Now I have to look for a way to get the "signed csr which I got from the external party) in my webservice. The other way.
Where the external party says I have to convert it to pfx first with openssl.
Like Jane puts it I have to dig in deeper or even take several test with postman.
Regards Joep
5
Web Server - Ask For Help / Re: 2 way certificate authentication
« on: December 11, 2024, 06:11:50 AM »
Hi Bruce
My webservice is installed on a server of us.
The Api Gateway is in fact also a webservice at the client.
What we try to do is get json files from and send json files to this client.
I always believed that my key encrypts the message and the crt can decrypt this message at the client.
At least this is how I did my previous webservices.
Today I contacted my client and he said I had to convert the p7b file to pfx.
And somewhere in or at the TLS protocol I could reference this file. And here I am lost !!
Regards Joep
My webservice is installed on a server of us.
The Api Gateway is in fact also a webservice at the client.
What we try to do is get json files from and send json files to this client.
I always believed that my key encrypts the message and the crt can decrypt this message at the client.
At least this is how I did my previous webservices.
Today I contacted my client and he said I had to convert the p7b file to pfx.
And somewhere in or at the TLS protocol I could reference this file. And here I am lost !!
Regards Joep
6
Web Server - Ask For Help / Re: 2 way certificate authentication
« on: December 10, 2024, 06:42:01 AM »
Hi Bruce
My Nettalk version = 11.45
And when I say Public key I mean my Cert file.
So I have a webservice which has to communicate with an Api Gateway.
The administrator of the gateway asked me for the Csr file.
He said he would sign it and sended me this p7b ,based on the csr, file back for my use.
Hope this helps
Regards Joep
My Nettalk version = 11.45
And when I say Public key I mean my Cert file.
So I have a webservice which has to communicate with an Api Gateway.
The administrator of the gateway asked me for the Csr file.
He said he would sign it and sended me this p7b ,based on the csr, file back for my use.
Hope this helps
Regards Joep
7
Web Server - Ask For Help / 2 way certificate authentication
« on: December 10, 2024, 06:05:59 AM »
Hi,
I have a webservice which I'm going to use as an API server.
Normaly I create a self signed certificate with openssl and give the other party my public key.
ThisWebserver.SSL = 1 ! Use SSL to make a Secure Web Server
ThisWebserver.SSLCertificateOptions.DontVerifyRemoteCertificateCommonName = 1
ThisWebserver.SSLCertificateOptions.DontVerifyRemoteCertificateWithCARoot = 1
ThisWebserver.SSLCertificateOptions.CertificateFile = 'c:\webservice\certificates\deo.aag.nl.crt'
ThisWebserver.SSLCertificateOptions.PrivateKeyFile = 'c:\webservice\certificates\deo.aag.nl.key'
ThisWebserver.SSLCertificateOptions.ServerName = 'deo.aag.nl'
The other party asked me for the CSR file and signed this file to Afile.p7b
But I don't know how and where I should install or embed it.
Any Ideas?
Regards Joep
I have a webservice which I'm going to use as an API server.
Normaly I create a self signed certificate with openssl and give the other party my public key.
ThisWebserver.SSL = 1 ! Use SSL to make a Secure Web Server
ThisWebserver.SSLCertificateOptions.DontVerifyRemoteCertificateCommonName = 1
ThisWebserver.SSLCertificateOptions.DontVerifyRemoteCertificateWithCARoot = 1
ThisWebserver.SSLCertificateOptions.CertificateFile = 'c:\webservice\certificates\deo.aag.nl.crt'
ThisWebserver.SSLCertificateOptions.PrivateKeyFile = 'c:\webservice\certificates\deo.aag.nl.key'
ThisWebserver.SSLCertificateOptions.ServerName = 'deo.aag.nl'
The other party asked me for the CSR file and signed this file to Afile.p7b
But I don't know how and where I should install or embed it.
Any Ideas?
Regards Joep
8
Web Server - Ask For Help / Re: Strange behaviour of NetEncryptString and NetDecryptString
« on: September 16, 2024, 01:34:25 AM »
Hi Bruce,
I have got it working. Like you said I needed the length of the string.
So len(string) did not work. I used stringtheory to determine the length en stored it in the database.
And NetdecryptString with the wrigth length gave me in all examples the same string back.
Thanks for pointing the wrigth direction to me.
Regards Joep
I have got it working. Like you said I needed the length of the string.
So len(string) did not work. I used stringtheory to determine the length en stored it in the database.
And NetdecryptString with the wrigth length gave me in all examples the same string back.
Thanks for pointing the wrigth direction to me.
Regards Joep
9
Web Server - Ask For Help / Strange behaviour of NetEncryptString and NetDecryptString
« on: August 26, 2024, 12:09:07 AM »
I use NetEncryptString and NetDecryptString to decrypt passwords. So they won't show there initial value in the database.
Example:
Usr:Wachtwoord = NetEncryptString(lWachtwoord,len(lWachtwoord),'xxxxxxx')
And to show it again or to validate the paswords
lWachtwoordString = usr:Wachtwoord
lWachtwoord = NetDecryptString(lWachtwoordString,len(lWachtwoordString),'xxxxxxx')
But not all of the paswords can be decrypted.
These are some values and the indication wheter they can be decrypted:
- AA34&&&^ yes
- AA$A8nt56Y yes
- $$34er$ no
- A3gh2$ yes
- B3gh2$ no
Can someone tell me why some values cannot be decrypted?
Regards
Joep
Example:
Usr:Wachtwoord = NetEncryptString(lWachtwoord,len(lWachtwoord),'xxxxxxx')
And to show it again or to validate the paswords
lWachtwoordString = usr:Wachtwoord
lWachtwoord = NetDecryptString(lWachtwoordString,len(lWachtwoordString),'xxxxxxx')
But not all of the paswords can be decrypted.
These are some values and the indication wheter they can be decrypted:
- AA34&&&^ yes
- AA$A8nt56Y yes
- $$34er$ no
- A3gh2$ yes
- B3gh2$ no
Can someone tell me why some values cannot be decrypted?
Regards
Joep
10
The Rest - Ask For Help / Strange behaviour of NetEncryptString and NetDecryptString
« on: August 19, 2024, 05:11:08 AM »
I use NetEncryptString and NetDecryptString to decrypt passwords. So they won't show there initial value in the database.
Example:
Usr:Wachtwoord = NetEncryptString(lWachtwoord,len(lWachtwoord),'xxxxxxx')
And to show it again or to validate the paswords
lWachtwoordString = usr:Wachtwoord
lWachtwoord = NetDecryptString(lWachtwoordString,len(lWachtwoordString),'xxxxxxx')
But not all of the paswords can be decrypted.
These are some values and the indication wheter they can be decrypted:
- AA34&&&^ yes
- AA$A8nt56Y yes
- $$34er$ no
- A3gh2$ yes
- B3gh2$ no
Can someone tell me why some values cannot be decrypted?
Regards
Joep
Example:
Usr:Wachtwoord = NetEncryptString(lWachtwoord,len(lWachtwoord),'xxxxxxx')
And to show it again or to validate the paswords
lWachtwoordString = usr:Wachtwoord
lWachtwoord = NetDecryptString(lWachtwoordString,len(lWachtwoordString),'xxxxxxx')
But not all of the paswords can be decrypted.
These are some values and the indication wheter they can be decrypted:
- AA34&&&^ yes
- AA$A8nt56Y yes
- $$34er$ no
- A3gh2$ yes
- B3gh2$ no
Can someone tell me why some values cannot be decrypted?
Regards
Joep
11
Web Server - Ask For Help / Re: p_web.ParseHTML not returning anything
« on: March 29, 2021, 10:44:53 PM »
The call was in the wrong embed and I used the Return in the properties in stead to return it as a field.
Solved
Solved
12
Web Server - Ask For Help / p_web.ParseHTML not returning anything
« on: March 25, 2021, 07:26:59 AM »
I created a new webservice with a NetWebserviceMethod
In the processed code embed I consume the incoming xml and create a few records in SQL Server.
All the actions work.
And at the end I want to notify the person or system that sended the xml to consume.
In my old service I could do this with "p_web.ParseHTML(XmlResponse,1,len(XmlResponse),NET:NoHeader)"
Since I moved to a NetWebserviceMethod the p_web.ParseHTML isn't returning anything.
XmlResponse is a simple xmlstring which notifice the other person or system that the incoming xml is consumed correctly
Has Anyone an idea why p_web.ParseHTML isn't working?
Regards,
Joep
In the processed code embed I consume the incoming xml and create a few records in SQL Server.
All the actions work.
And at the end I want to notify the person or system that sended the xml to consume.
In my old service I could do this with "p_web.ParseHTML(XmlResponse,1,len(XmlResponse),NET:NoHeader)"
Since I moved to a NetWebserviceMethod the p_web.ParseHTML isn't returning anything.
XmlResponse is a simple xmlstring which notifice the other person or system that the incoming xml is consumed correctly
Has Anyone an idea why p_web.ParseHTML isn't working?
Regards,
Joep
13
Web Server - Ask For Help / Re: webservice web:lastPost get filled but it doesn't get to the processed code
« on: February 25, 2021, 04:42:48 AM »
Hi Bruce,
Like I said, it looks like the NetWebPage is broken in a way, because in the web.LastPost the xml looks fine.
The url I use is http://localhost:88/Xml2Aag and the netwebpage procedure has also the name Xml2Aag, That is how I always test it. Never had this problem.
If I put the url in a browser "http://localhost:88/Xml2Aag" I get this message:
The page cannot be found
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.
But the webserver shows
GET /Xml2Aag HTTP/1.1
Host: localhost:88
When I do a post from soapui I get this in the webserver and the xml looks fine to me but never gets to the processed code :
POST /Xml2Aag HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml
Content-Length: 6557
Host: localhost:88
But I will give it a try using the new way .. (new webservice)
Is it easy to create a new webservice ? Do you have a webinar where I can watch this?
Regards Joep
Like I said, it looks like the NetWebPage is broken in a way, because in the web.LastPost the xml looks fine.
The url I use is http://localhost:88/Xml2Aag and the netwebpage procedure has also the name Xml2Aag, That is how I always test it. Never had this problem.
If I put the url in a browser "http://localhost:88/Xml2Aag" I get this message:
The page cannot be found
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.
But the webserver shows
GET /Xml2Aag HTTP/1.1
Host: localhost:88
When I do a post from soapui I get this in the webserver and the xml looks fine to me but never gets to the processed code :
POST /Xml2Aag HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml
Content-Length: 6557
Host: localhost:88
But I will give it a try using the new way .. (new webservice)
Is it easy to create a new webservice ? Do you have a webinar where I can watch this?
Regards Joep
14
Web Server - Ask For Help / Re: webservice web:lastPost get filled but it doesn't get to the processed code
« on: February 23, 2021, 06:41:59 AM »
And this is what I get back from soapUI
<html class="no-js">
<head>
<meta content="HTML Tidy for Java (vers. 26 sep. 2004), see www.w3.org" name="generator"/>
<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"/>
<link type="text/css" rel="stylesheet" href="/styles/error.css"/>
<title>404 The page cannot be found</title>
</head>
<body class="ErrorPage">
<div class="ErrorDiv">
<hr/>
<h1>The page cannot be found</h1>
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.
<br/>
<br/>
<hr/>
</div>
</body>
</html>
<html class="no-js">
<head>
<meta content="HTML Tidy for Java (vers. 26 sep. 2004), see www.w3.org" name="generator"/>
<meta content="text/html; charset=ISO-8859-1" http-equiv="Content-Type"/>
<link type="text/css" rel="stylesheet" href="/styles/error.css"/>
<title>404 The page cannot be found</title>
</head>
<body class="ErrorPage">
<div class="ErrorDiv">
<hr/>
<h1>The page cannot be found</h1>
The page you are looking for might have been removed, had its name changed, or is temporarily unavailable.
<br/>
<br/>
<hr/>
</div>
</body>
</html>
15
Web Server - Ask For Help / webservice web:lastPost get filled but it doesn't get to the processed code
« on: February 23, 2021, 06:38:11 AM »
Hi all
I have got a webservice up and running for a client where some data on a website is processed into the database.
Like the most customers they like some new stuff, so I went making this in my webservice.
But my webservice does not work properly anymore.
web.LastPost is filled with the xml I posted. That part works.
But in NetWebPage procedure the processed code embed never runs.
The xml looks fine in the web.LastPost
POST /Xml2Aag HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml
Content-Length: 6557
Host: localhost:88
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.5 (Java/12.0.1)
<?xml version="1.0" encoding="utf-16"?>
<form>
etc.........
The NetwebPage is from the prototype (NetWebServerWorker p_web)
Any idea's why the webservice doesn't get to the processed code embed anymore?
Regards,
Joep
I have got a webservice up and running for a client where some data on a website is processed into the database.
Like the most customers they like some new stuff, so I went making this in my webservice.
But my webservice does not work properly anymore.
web.LastPost is filled with the xml I posted. That part works.
But in NetWebPage procedure the processed code embed never runs.
The xml looks fine in the web.LastPost
POST /Xml2Aag HTTP/1.1
Accept-Encoding: gzip,deflate
Content-Type: text/xml
Content-Length: 6557
Host: localhost:88
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.5.5 (Java/12.0.1)
<?xml version="1.0" encoding="utf-16"?>
<form>
etc.........
The NetwebPage is from the prototype (NetWebServerWorker p_web)
Any idea's why the webservice doesn't get to the processed code embed anymore?
Regards,
Joep