SSL connection from a PowerBuilder client to an EAServer component

I am attempting to establish an SSL connection from a
PowerBuilder client to an EAServer component. I found a
Sybase Solved Case #10886461 all the way back from 2002. I
followed all of the suggestions from the case, however I
still cannot establish the SSL connection. Has anything
changed in either PowerBuilder or EAServer since then that
would require a different approach to this rather than what
is listed in the referenced Case from above?
0
David
4/7/2008 8:20:41 PM
sybase.powerbuilder.general 62418 articles. 19 followers. Follow

5 Replies
1616 Views

Similar Articles

[PageSpeed] 19
Get it on Google Play
Get it on Apple App Store

posting the code you are using and the return values that you are getting
would be helpful for anyone trying to answer your question.

Are you getting a success from the following functions?
SSLServiceProvider l_sslsp
 getcontextservice( "SSLServiceProvider", l_sslsp )
 l_sslsp.setglobalproperty( "QOP", "sybpks_strong" )
 l_sslsp.setglobalproperty( "pin", "...." )

ll_rc = icn_jaguar.connectToServer()

Alex


<David Cervenan> wrote in message news:47fa8219.a0b.1681692777@sybase.com...
> I am attempting to establish an SSL connection from a
> PowerBuilder client to an EAServer component. I found a
> Sybase Solved Case #10886461 all the way back from 2002. I
> followed all of the suggestions from the case, however I
> still cannot establish the SSL connection. Has anything
> changed in either PowerBuilder or EAServer since then that
> would require a different approach to this rather than what
> is listed in the referenced Case from above?


0
Alex
4/7/2008 9:58:54 PM
I get a success return code from GetContextService and the 2
calls to the SetGlobalProperty. However, I keep getting a
return code of 57 when I call ConnectToServer. I have an
iiops listener on port 9001 setup on my Jaguar server using
the EAServer Security Profile of "sample1". To experiment
with this I simply used the code that was listed in Solved
Case #10886461 as  follows:

long ll_rc

int  li_rc

n_connection ln_connect

SSLServiceProvider l_ssl

this.getContextService("SSLServiceProvider", l_ssl)
li_rc = l_ssl.setglobalproperty( "QOP", "sybpks_strong" )

if li_rc <> 0 then
MessageBox("Error Setting SSL Parameters", "Error " +       
         String(li_rc) + " when setting QOP")
return
end if

li_rc = l_ssl.setglobalproperty( "PIN", "****" )

if li_rc <> 0 then
MessageBox("Error Setting SSL Parameters", "Error " +
String(li_rc) + " when setting PIN")
return
end if

// Not using certificate label
//if Trim(sle_certlabel.text) <> "" then
//li_rc = l_ssl.setglobalproperty( "certificateLabel",
//sle_certlabel.text )

//if li_rc <> 0 then
//MessageBox("Error Setting SSL Parameters", "Error " +
//String(li_rc) + " when setting certificate label")
//return
//end if

end if

ln_connect = CREATE n_connection
ln_connect.userid = sle_user.text
ln_connect.password = sle_password.text
ln_connect.driver = "jaguar"
ln_connect.options =
"ORBLogIIOP='true',ORBLogFile='c:\orb.log'"

if cbx_ssl.checked then
ln_connect.location = "iiops://"
ln_connect.options = ln_connect.options +
",ORBForceSSL='true'"
else
ln_connect.location = "iiop://"
end if

ln_connect.location = ln_connect.location + sle_server.text
+ ":" + sle_port.text

ll_rc = ln_connect.ConnectToServer()

if ll_rc = 0 then
....

> posting the code you are using and the return values that
> you are getting would be helpful for anyone trying to
> answer your question.
>
> Are you getting a success from the following functions?
> SSLServiceProvider l_sslsp
>  getcontextservice( "SSLServiceProvider", l_sslsp )
>  l_sslsp.setglobalproperty( "QOP", "sybpks_strong" )
>  l_sslsp.setglobalproperty( "pin", "...." )
>
> ll_rc = icn_jaguar.connectToServer()
>
> Alex
>
>
> <David Cervenan> wrote in message
> > news:47fa8219.a0b.1681692777@sybase.com... I am
> > attempting to establish an SSL connection from a
> > PowerBuilder client to an EAServer component. I found a
> > Sybase Solved Case #10886461 all the way back from 2002.
> > I followed all of the suggestions from the case, however
> > I still cannot establish the SSL connection. Has
> anything changed in either PowerBuilder or EAServer since
> > then that would require a different approach to this
> > rather than what is listed in the referenced Case from
> above?
>
>
0
David
4/8/2008 1:25:52 PM
try removing the   "ORBForceSSL='true'" from the connection object. I do not
use this in my code.

I also do not see anything where you force the port # to 9001 when the
cbx_ssl.checked is true. The code uses whatever is in sle_port.text.

What, if anything, is in the orb log file?

the 57 error usually mean a bad server name or port number.

Alex

<David Cervenan> wrote in message
news:47fb7260.1dda.1681692777@sybase.com...
> I get a success return code from GetContextService and the 2
> calls to the SetGlobalProperty. However, I keep getting a
> return code of 57 when I call ConnectToServer. I have an
> iiops listener on port 9001 setup on my Jaguar server using
> the EAServer Security Profile of "sample1". To experiment
> with this I simply used the code that was listed in Solved
> Case #10886461 as  follows:
>
> long ll_rc
>
> int  li_rc
>
> n_connection ln_connect
>
> SSLServiceProvider l_ssl
>
> this.getContextService("SSLServiceProvider", l_ssl)
> li_rc = l_ssl.setglobalproperty( "QOP", "sybpks_strong" )
>
> if li_rc <> 0 then
> MessageBox("Error Setting SSL Parameters", "Error " +
>          String(li_rc) + " when setting QOP")
> return
> end if
>
> li_rc = l_ssl.setglobalproperty( "PIN", "****" )
>
> if li_rc <> 0 then
> MessageBox("Error Setting SSL Parameters", "Error " +
> String(li_rc) + " when setting PIN")
> return
> end if
>
> // Not using certificate label
> //if Trim(sle_certlabel.text) <> "" then
> //li_rc = l_ssl.setglobalproperty( "certificateLabel",
> //sle_certlabel.text )
>
> //if li_rc <> 0 then
> //MessageBox("Error Setting SSL Parameters", "Error " +
> //String(li_rc) + " when setting certificate label")
> //return
> //end if
>
> end if
>
> ln_connect = CREATE n_connection
> ln_connect.userid = sle_user.text
> ln_connect.password = sle_password.text
> ln_connect.driver = "jaguar"
> ln_connect.options =
> "ORBLogIIOP='true',ORBLogFile='c:\orb.log'"
>
> if cbx_ssl.checked then
> ln_connect.location = "iiops://"
> ln_connect.options = ln_connect.options +
> ",ORBForceSSL='true'"
> else
> ln_connect.location = "iiop://"
> end if
>
> ln_connect.location = ln_connect.location + sle_server.text
> + ":" + sle_port.text
>
> ll_rc = ln_connect.ConnectToServer()
>
> if ll_rc = 0 then
> ...
>
> > posting the code you are using and the return values that
> > you are getting would be helpful for anyone trying to
> > answer your question.
> >
> > Are you getting a success from the following functions?
> > SSLServiceProvider l_sslsp
> >  getcontextservice( "SSLServiceProvider", l_sslsp )
> >  l_sslsp.setglobalproperty( "QOP", "sybpks_strong" )
> >  l_sslsp.setglobalproperty( "pin", "...." )
> >
> > ll_rc = icn_jaguar.connectToServer()
> >
> > Alex
> >
> >
> > <David Cervenan> wrote in message
> > > news:47fa8219.a0b.1681692777@sybase.com... I am
> > > attempting to establish an SSL connection from a
> > > PowerBuilder client to an EAServer component. I found a
> > > Sybase Solved Case #10886461 all the way back from 2002.
> > > I followed all of the suggestions from the case, however
> > > I still cannot establish the SSL connection. Has
> > anything changed in either PowerBuilder or EAServer since
> > > then that would require a different approach to this
> > > rather than what is listed in the referenced Case from
> > above?
> >
> >


0
Alex
4/8/2008 8:34:51 PM
I tried removing the "ORBForceSSL='true'" from the
connection object options and had no success. I am including
port number 9001 in the single line edit that is used to
populate the location property. And the orb log file is
reporting a rather useless error message of:

new_JagIIOPSSocket: failed. localhost/9001: Security error:
"SCL Session Connect:Protocol layer error.:SSL protocol
fatal alert.", (45,7,0,0)

We are using EAServer 5.5 and I found a little "blurb" in
the PowerBuilder 10.5 release notes that states:

5.4.6 SSL connection to EAServer fails

EAServer versions 5.2 and later use Transport Layer Security
(TLS) to establish secure connections between a client and
server. TLS is a protocol based on the Secure Sockets Layer
(SSL) that can authenticate both the client and the server
and create an encrypted connection between them.
PowerBuilder clients that rely on the previous version of
the EAServer SSL client runtime and use mutual
authentication cannot establish an SSL connection using the
default settings.

To disable support for TLS and use the previous version of
the SSL client runtime, set the environment variable JAGSSL
to true in the serverstart.bat file before you start
EAServer.

You can also set this environment variable in an EAServer
client installation:

set JAGSSL=true

Unfortunately, I tried the above suggestion with no success
either. I'm out of ideas here. If you can think of anything
else, it would be much appreciated, otherwise, thank you so
much for your help thus far.

---------------

> try removing the   "ORBForceSSL='true'" from the
> connection object. I do not use this in my code.
>
> I also do not see anything where you force the port # to
> 9001 when the cbx_ssl.checked is true. The code uses
> whatever is in sle_port.text.
>
> What, if anything, is in the orb log file?
>
> the 57 error usually mean a bad server name or port
> number.
>
> Alex
>
> <David Cervenan> wrote in message
> news:47fb7260.1dda.1681692777@sybase.com...
> > I get a success return code from GetContextService and
> > the 2 calls to the SetGlobalProperty. However, I keep
> > getting a return code of 57 when I call ConnectToServer.
> > I have an iiops listener on port 9001 setup on my Jaguar
> > server using the EAServer Security Profile of "sample1".
> > To experiment with this I simply used the code that was
> > listed in Solved Case #10886461 as  follows:
> >
> > long ll_rc
> >
> > int  li_rc
> >
> > n_connection ln_connect
> >
> > SSLServiceProvider l_ssl
> >
> > this.getContextService("SSLServiceProvider", l_ssl)
> > li_rc = l_ssl.setglobalproperty( "QOP", "sybpks_strong"
> ) >
> > if li_rc <> 0 then
> > MessageBox("Error Setting SSL Parameters", "Error " +
> >          String(li_rc) + " when setting QOP")
> > return
> > end if
> >
> > li_rc = l_ssl.setglobalproperty( "PIN", "****" )
> >
> > if li_rc <> 0 then
> > MessageBox("Error Setting SSL Parameters", "Error " +
> > String(li_rc) + " when setting PIN")
> > return
> > end if
> >
> > // Not using certificate label
> > //if Trim(sle_certlabel.text) <> "" then
> > //li_rc = l_ssl.setglobalproperty( "certificateLabel",
> > //sle_certlabel.text )
> >
> > //if li_rc <> 0 then
> > //MessageBox("Error Setting SSL Parameters", "Error " +
> > //String(li_rc) + " when setting certificate label")
> > //return
> > //end if
> >
> > end if
> >
> > ln_connect = CREATE n_connection
> > ln_connect.userid = sle_user.text
> > ln_connect.password = sle_password.text
> > ln_connect.driver = "jaguar"
> > ln_connect.options =
> > "ORBLogIIOP='true',ORBLogFile='c:\orb.log'"
> >
> > if cbx_ssl.checked then
> > ln_connect.location = "iiops://"
> > ln_connect.options = ln_connect.options +
> > ",ORBForceSSL='true'"
> > else
> > ln_connect.location = "iiop://"
> > end if
> >
> > ln_connect.location = ln_connect.location +
> > sle_server.text + ":" + sle_port.text
> >
> > ll_rc = ln_connect.ConnectToServer()
> >
> > if ll_rc = 0 then
> > ...
> >
> > > posting the code you are using and the return values
> > > that you are getting would be helpful for anyone
> > > trying to answer your question.
> > >
> > > Are you getting a success from the following
> > > functions? SSLServiceProvider l_sslsp
> > >  getcontextservice( "SSLServiceProvider", l_sslsp )
> > >  l_sslsp.setglobalproperty( "QOP", "sybpks_strong" )
> > >  l_sslsp.setglobalproperty( "pin", "...." )
> > >
> > > ll_rc = icn_jaguar.connectToServer()
> > >
> > > Alex
> > >
> > >
> > > <David Cervenan> wrote in message
> > > > news:47fa8219.a0b.1681692777@sybase.com... I am
> > > > attempting to establish an SSL connection from a
> > > > PowerBuilder client to an EAServer component. I
> > > > found a Sybase Solved Case #10886461 all the way
> > > > back from 2002. I followed all of the suggestions
> > > > from the case, however I still cannot establish the
> > > SSL connection. Has anything changed in either
> > > > PowerBuilder or EAServer since then that would
> > > > require a different approach to this rather than
> > > what is listed in the referenced Case from above?
> > >
> > >
>
>
0
David
4/9/2008 8:47:16 PM
One thing that I am NOT doing is mutual auth. We only use the SSL to encrypt
the traffic so there is no client cert.


Alex

<David Cervenan> wrote in message
news:47fd2b54.49af.1681692777@sybase.com...
> I tried removing the "ORBForceSSL='true'" from the
> connection object options and had no success. I am including
> port number 9001 in the single line edit that is used to
> populate the location property. And the orb log file is
> reporting a rather useless error message of:
>
> new_JagIIOPSSocket: failed. localhost/9001: Security error:
> "SCL Session Connect:Protocol layer error.:SSL protocol
> fatal alert.", (45,7,0,0)
>
> We are using EAServer 5.5 and I found a little "blurb" in
> the PowerBuilder 10.5 release notes that states:
>
> 5.4.6 SSL connection to EAServer fails
>
> EAServer versions 5.2 and later use Transport Layer Security
> (TLS) to establish secure connections between a client and
> server. TLS is a protocol based on the Secure Sockets Layer
> (SSL) that can authenticate both the client and the server
> and create an encrypted connection between them.
> PowerBuilder clients that rely on the previous version of
> the EAServer SSL client runtime and use mutual
> authentication cannot establish an SSL connection using the
> default settings.
>
> To disable support for TLS and use the previous version of
> the SSL client runtime, set the environment variable JAGSSL
> to true in the serverstart.bat file before you start
> EAServer.
>
> You can also set this environment variable in an EAServer
> client installation:
>
> set JAGSSL=true
>
> Unfortunately, I tried the above suggestion with no success
> either. I'm out of ideas here. If you can think of anything
> else, it would be much appreciated, otherwise, thank you so
> much for your help thus far.
>
> ---------------
>
> > try removing the   "ORBForceSSL='true'" from the
> > connection object. I do not use this in my code.
> >
> > I also do not see anything where you force the port # to
> > 9001 when the cbx_ssl.checked is true. The code uses
> > whatever is in sle_port.text.
> >
> > What, if anything, is in the orb log file?
> >
> > the 57 error usually mean a bad server name or port
> > number.
> >
> > Alex
> >
> > <David Cervenan> wrote in message
> > news:47fb7260.1dda.1681692777@sybase.com...
> > > I get a success return code from GetContextService and
> > > the 2 calls to the SetGlobalProperty. However, I keep
> > > getting a return code of 57 when I call ConnectToServer.
> > > I have an iiops listener on port 9001 setup on my Jaguar
> > > server using the EAServer Security Profile of "sample1".
> > > To experiment with this I simply used the code that was
> > > listed in Solved Case #10886461 as  follows:
> > >
> > > long ll_rc
> > >
> > > int  li_rc
> > >
> > > n_connection ln_connect
> > >
> > > SSLServiceProvider l_ssl
> > >
> > > this.getContextService("SSLServiceProvider", l_ssl)
> > > li_rc = l_ssl.setglobalproperty( "QOP", "sybpks_strong"
> > ) >
> > > if li_rc <> 0 then
> > > MessageBox("Error Setting SSL Parameters", "Error " +
> > >          String(li_rc) + " when setting QOP")
> > > return
> > > end if
> > >
> > > li_rc = l_ssl.setglobalproperty( "PIN", "****" )
> > >
> > > if li_rc <> 0 then
> > > MessageBox("Error Setting SSL Parameters", "Error " +
> > > String(li_rc) + " when setting PIN")
> > > return
> > > end if
> > >
> > > // Not using certificate label
> > > //if Trim(sle_certlabel.text) <> "" then
> > > //li_rc = l_ssl.setglobalproperty( "certificateLabel",
> > > //sle_certlabel.text )
> > >
> > > //if li_rc <> 0 then
> > > //MessageBox("Error Setting SSL Parameters", "Error " +
> > > //String(li_rc) + " when setting certificate label")
> > > //return
> > > //end if
> > >
> > > end if
> > >
> > > ln_connect = CREATE n_connection
> > > ln_connect.userid = sle_user.text
> > > ln_connect.password = sle_password.text
> > > ln_connect.driver = "jaguar"
> > > ln_connect.options =
> > > "ORBLogIIOP='true',ORBLogFile='c:\orb.log'"
> > >
> > > if cbx_ssl.checked then
> > > ln_connect.location = "iiops://"
> > > ln_connect.options = ln_connect.options +
> > > ",ORBForceSSL='true'"
> > > else
> > > ln_connect.location = "iiop://"
> > > end if
> > >
> > > ln_connect.location = ln_connect.location +
> > > sle_server.text + ":" + sle_port.text
> > >
> > > ll_rc = ln_connect.ConnectToServer()
> > >
> > > if ll_rc = 0 then
> > > ...
> > >
> > > > posting the code you are using and the return values
> > > > that you are getting would be helpful for anyone
> > > > trying to answer your question.
> > > >
> > > > Are you getting a success from the following
> > > > functions? SSLServiceProvider l_sslsp
> > > >  getcontextservice( "SSLServiceProvider", l_sslsp )
> > > >  l_sslsp.setglobalproperty( "QOP", "sybpks_strong" )
> > > >  l_sslsp.setglobalproperty( "pin", "...." )
> > > >
> > > > ll_rc = icn_jaguar.connectToServer()
> > > >
> > > > Alex
> > > >
> > > >
> > > > <David Cervenan> wrote in message
> > > > > news:47fa8219.a0b.1681692777@sybase.com... I am
> > > > > attempting to establish an SSL connection from a
> > > > > PowerBuilder client to an EAServer component. I
> > > > > found a Sybase Solved Case #10886461 all the way
> > > > > back from 2002. I followed all of the suggestions
> > > > > from the case, however I still cannot establish the
> > > > SSL connection. Has anything changed in either
> > > > > PowerBuilder or EAServer since then that would
> > > > > require a different approach to this rather than
> > > > what is listed in the referenced Case from above?
> > > >
> > > >
> >
> >


0
Alex
4/10/2008 7:27:10 PM
Reply:

Web resources about - SSL connection from a PowerBuilder client to an EAServer component - sybase.powerbuilder.general

PowerBuilder - Wikipedia, the free encyclopedia
PowerBuilder is an integrated development environment owned by Sybase , a division of SAP . It has been in use since 1991, peaking around 1998 ...

Sybase PowerBuilder tool readied for Microsoft's .Net
... Win32 or newer style .Net development After several years of work, Sybase is ready to deliver on the final step in its plan to move PowerBuilder ...

Jim O'Neil (@jimoneil) on Twitter
Sign in Sign up To bring you Twitter, we and our partners use cookies on our and other websites. Cookies help personalize Twitter content, tailor ...

Open Directory - Computers: Programming: Languages
about dmoz - dmoz blog - report abuse/spam - help the entire directory only in Programming/Languages Description Top : Computers : Programming ...

The HP Booth Staff (Goons) Owe Me an Apology
... when you might need to use it. For instance, when I was in the WinRunner world there were plugins for driving terminal emulators and powerbuilder ...

Contact Us - Sybase Inc
Thanks for visiting the 主页 section of Sybase.com. Here you will find information about Contact Us. For more information about Business Intelligence, ...

热门搜索 - 我的异常网
... 我的异常网 » 热门搜索 sdpnet2 移动【A111】其它用户原因鉴权失败,是什么意思啊 http:// 192.168.1.102:22578 本网站服务器位于美国,受美国法律保护 MiniUI js 破解 http://192.168.1.103:8080/ powerbuilder ...

Mobile app security: Always keep the back door locked
The best way to keep mobile apps safe is to secure the services they connect to.

10 Tech Skills That Will Instantly Net You A $100,000+ Salary
... that let's developers run Java applications. Java is highly popular language for writing web apps and custom enterprise apps. No. 8: PowerBuilder ...

Top Ranked Articles
Top Ranked Articles - Free source code and tutorials for Software developers and Architects.; Updated: 23 Feb 2013

Resources last updated: 12/5/2015 7:59:21 AM