SSL connection from a PowerBuilder client to an EAServer component
I am attempting to establish an SSL connection from a PowerBuilder client to an EAServer component. I found a Sybase Solved Case #10886461 all the way back from 2002. I followed all of the suggestions from the case, however I still cannot establish the SSL connection. Has anything changed in either PowerBuilder or EAServer since then that would require a different approach to this rather than what is listed in the referenced Case from above?
|
0 |
|
David
4/7/2008 8:20:41 PM
posting the code you are using and the return values that you are getting would be helpful for anyone trying to answer your question. Are you getting a success from the following functions? SSLServiceProvider l_sslsp getcontextservice( "SSLServiceProvider", l_sslsp ) l_sslsp.setglobalproperty( "QOP", "sybpks_strong" ) l_sslsp.setglobalproperty( "pin", "...." ) ll_rc = icn_jaguar.connectToServer() Alexwrote in message news:[email protected]... > I am attempting to establish an SSL connection from a > PowerBuilder client to an EAServer component. I found a > Sybase Solved Case #10886461 all the way back from 2002. I > followed all of the suggestions from the case, however I > still cannot establish the SSL connection. Has anything > changed in either PowerBuilder or EAServer since then that > would require a different approach to this rather than what > is listed in the referenced Case from above?
|
|
0 |
|
Alex
4/7/2008 9:58:54 PM
I get a success return code from GetContextService and the 2
calls to the SetGlobalProperty. However, I keep getting a
return code of 57 when I call ConnectToServer. I have an
iiops listener on port 9001 setup on my Jaguar server using
the EAServer Security Profile of "sample1". To experiment
with this I simply used the code that was listed in Solved
Case #10886461 as follows:
long ll_rc
int li_rc
n_connection ln_connect
SSLServiceProvider l_ssl
this.getContextService("SSLServiceProvider", l_ssl)
li_rc = l_ssl.setglobalproperty( "QOP", "sybpks_strong" )
if li_rc <> 0 then
MessageBox("Error Setting SSL Parameters", "Error " +
String(li_rc) + " when setting QOP")
return
end if
li_rc = l_ssl.setglobalproperty( "PIN", "****" )
if li_rc <> 0 then
MessageBox("Error Setting SSL Parameters", "Error " +
String(li_rc) + " when setting PIN")
return
end if
// Not using certificate label
//if Trim(sle_certlabel.text) <> "" then
//li_rc = l_ssl.setglobalproperty( "certificateLabel",
//sle_certlabel.text )
//if li_rc <> 0 then
//MessageBox("Error Setting SSL Parameters", "Error " +
//String(li_rc) + " when setting certificate label")
//return
//end if
end if
ln_connect = CREATE n_connection
ln_connect.userid = sle_user.text
ln_connect.password = sle_password.text
ln_connect.driver = "jaguar"
ln_connect.options =
"ORBLogIIOP='true',ORBLogFile='c:\orb.log'"
if cbx_ssl.checked then
ln_connect.location = "iiops://"
ln_connect.options = ln_connect.options +
",ORBForceSSL='true'"
else
ln_connect.location = "iiop://"
end if
ln_connect.location = ln_connect.location + sle_server.text
+ ":" + sle_port.text
ll_rc = ln_connect.ConnectToServer()
if ll_rc = 0 then
....
> posting the code you are using and the return values that
> you are getting would be helpful for anyone trying to
> answer your question.
>
> Are you getting a success from the following functions?
> SSLServiceProvider l_sslsp
> getcontextservice( "SSLServiceProvider", l_sslsp )
> l_sslsp.setglobalproperty( "QOP", "sybpks_strong" )
> l_sslsp.setglobalproperty( "pin", "...." )
>
> ll_rc = icn_jaguar.connectToServer()
>
> Alex
>
>
> wrote in message
> > news:[email protected]... I am
> > attempting to establish an SSL connection from a
> > PowerBuilder client to an EAServer component. I found a
> > Sybase Solved Case #10886461 all the way back from 2002.
> > I followed all of the suggestions from the case, however
> > I still cannot establish the SSL connection. Has
> anything changed in either PowerBuilder or EAServer since
> > then that would require a different approach to this
> > rather than what is listed in the referenced Case from
> above?
>
>
|
|
0 |
|
David
4/8/2008 1:25:52 PM
try removing the "ORBForceSSL='true'" from the connection object. I do not use this in my code. I also do not see anything where you force the port # to 9001 when the cbx_ssl.checked is true. The code uses whatever is in sle_port.text. What, if anything, is in the orb log file? the 57 error usually mean a bad server name or port number. Alexwrote in message news:[email protected]... > I get a success return code from GetContextService and the 2 > calls to the SetGlobalProperty. However, I keep getting a > return code of 57 when I call ConnectToServer. I have an > iiops listener on port 9001 setup on my Jaguar server using > the EAServer Security Profile of "sample1". To experiment > with this I simply used the code that was listed in Solved > Case #10886461 as follows: > > long ll_rc > > int li_rc > > n_connection ln_connect > > SSLServiceProvider l_ssl > > this.getContextService("SSLServiceProvider", l_ssl) > li_rc = l_ssl.setglobalproperty( "QOP", "sybpks_strong" ) > > if li_rc <> 0 then > MessageBox("Error Setting SSL Parameters", "Error " + > String(li_rc) + " when setting QOP") > return > end if > > li_rc = l_ssl.setglobalproperty( "PIN", "****" ) > > if li_rc <> 0 then > MessageBox("Error Setting SSL Parameters", "Error " + > String(li_rc) + " when setting PIN") > return > end if > > // Not using certificate label > //if Trim(sle_certlabel.text) <> "" then > //li_rc = l_ssl.setglobalproperty( "certificateLabel", > //sle_certlabel.text ) > > //if li_rc <> 0 then > //MessageBox("Error Setting SSL Parameters", "Error " + > //String(li_rc) + " when setting certificate label") > //return > //end if > > end if > > ln_connect = CREATE n_connection > ln_connect.userid = sle_user.text > ln_connect.password = sle_password.text > ln_connect.driver = "jaguar" > ln_connect.options = > "ORBLogIIOP='true',ORBLogFile='c:\orb.log'" > > if cbx_ssl.checked then > ln_connect.location = "iiops://" > ln_connect.options = ln_connect.options + > ",ORBForceSSL='true'" > else > ln_connect.location = "iiop://" > end if > > ln_connect.location = ln_connect.location + sle_server.text > + ":" + sle_port.text > > ll_rc = ln_connect.ConnectToServer() > > if ll_rc = 0 then > ... > > > posting the code you are using and the return values that > > you are getting would be helpful for anyone trying to > > answer your question. > > > > Are you getting a success from the following functions? > > SSLServiceProvider l_sslsp > > getcontextservice( "SSLServiceProvider", l_sslsp ) > > l_sslsp.setglobalproperty( "QOP", "sybpks_strong" ) > > l_sslsp.setglobalproperty( "pin", "...." ) > > > > ll_rc = icn_jaguar.connectToServer() > > > > Alex > > > > > > wrote in message > > > news:[email protected]... I am > > > attempting to establish an SSL connection from a > > > PowerBuilder client to an EAServer component. I found a > > > Sybase Solved Case #10886461 all the way back from 2002. > > > I followed all of the suggestions from the case, however > > > I still cannot establish the SSL connection. Has > > anything changed in either PowerBuilder or EAServer since > > > then that would require a different approach to this > > > rather than what is listed in the referenced Case from > > above? > > > >
|
|
0 |
|
Alex
4/8/2008 8:34:51 PM
I tried removing the "ORBForceSSL='true'" from the connection object options and had no success. I am including port number 9001 in the single line edit that is used to populate the location property. And the orb log file is reporting a rather useless error message of: new_JagIIOPSSocket: failed. localhost/9001: Security error: "SCL Session Connect:Protocol layer error.:SSL protocol fatal alert.", (45,7,0,0) We are using EAServer 5.5 and I found a little "blurb" in the PowerBuilder 10.5 release notes that states: 5.4.6 SSL connection to EAServer fails EAServer versions 5.2 and later use Transport Layer Security (TLS) to establish secure connections between a client and server. TLS is a protocol based on the Secure Sockets Layer (SSL) that can authenticate both the client and the server and create an encrypted connection between them. PowerBuilder clients that rely on the previous version of the EAServer SSL client runtime and use mutual authentication cannot establish an SSL connection using the default settings. To disable support for TLS and use the previous version of the SSL client runtime, set the environment variable JAGSSL to true in the serverstart.bat file before you start EAServer. You can also set this environment variable in an EAServer client installation: set JAGSSL=true Unfortunately, I tried the above suggestion with no success either. I'm out of ideas here. If you can think of anything else, it would be much appreciated, otherwise, thank you so much for your help thus far. --------------- > try removing the "ORBForceSSL='true'" from the > connection object. I do not use this in my code. > > I also do not see anything where you force the port # to > 9001 when the cbx_ssl.checked is true. The code uses > whatever is in sle_port.text. > > What, if anything, is in the orb log file? > > the 57 error usually mean a bad server name or port > number. > > Alex > >wrote in message > news:[email protected]... > > I get a success return code from GetContextService and > > the 2 calls to the SetGlobalProperty. However, I keep > > getting a return code of 57 when I call ConnectToServer. > > I have an iiops listener on port 9001 setup on my Jaguar > > server using the EAServer Security Profile of "sample1". > > To experiment with this I simply used the code that was > > listed in Solved Case #10886461 as follows: > > > > long ll_rc > > > > int li_rc > > > > n_connection ln_connect > > > > SSLServiceProvider l_ssl > > > > this.getContextService("SSLServiceProvider", l_ssl) > > li_rc = l_ssl.setglobalproperty( "QOP", "sybpks_strong" > ) > > > if li_rc <> 0 then > > MessageBox("Error Setting SSL Parameters", "Error " + > > String(li_rc) + " when setting QOP") > > return > > end if > > > > li_rc = l_ssl.setglobalproperty( "PIN", "****" ) > > > > if li_rc <> 0 then > > MessageBox("Error Setting SSL Parameters", "Error " + > > String(li_rc) + " when setting PIN") > > return > > end if > > > > // Not using certificate label > > //if Trim(sle_certlabel.text) <> "" then > > //li_rc = l_ssl.setglobalproperty( "certificateLabel", > > //sle_certlabel.text ) > > > > //if li_rc <> 0 then > > //MessageBox("Error Setting SSL Parameters", "Error " + > > //String(li_rc) + " when setting certificate label") > > //return > > //end if > > > > end if > > > > ln_connect = CREATE n_connection > > ln_connect.userid = sle_user.text > > ln_connect.password = sle_password.text > > ln_connect.driver = "jaguar" > > ln_connect.options = > > "ORBLogIIOP='true',ORBLogFile='c:\orb.log'" > > > > if cbx_ssl.checked then > > ln_connect.location = "iiops://" > > ln_connect.options = ln_connect.options + > > ",ORBForceSSL='true'" > > else > > ln_connect.location = "iiop://" > > end if > > > > ln_connect.location = ln_connect.location + > > sle_server.text + ":" + sle_port.text > > > > ll_rc = ln_connect.ConnectToServer() > > > > if ll_rc = 0 then > > ... > > > > > posting the code you are using and the return values > > > that you are getting would be helpful for anyone > > > trying to answer your question. > > > > > > Are you getting a success from the following > > > functions? SSLServiceProvider l_sslsp > > > getcontextservice( "SSLServiceProvider", l_sslsp ) > > > l_sslsp.setglobalproperty( "QOP", "sybpks_strong" ) > > > l_sslsp.setglobalproperty( "pin", "...." ) > > > > > > ll_rc = icn_jaguar.connectToServer() > > > > > > Alex > > > > > > > > > wrote in message > > > > news:[email protected]... I am > > > > attempting to establish an SSL connection from a > > > > PowerBuilder client to an EAServer component. I > > > > found a Sybase Solved Case #10886461 all the way > > > > back from 2002. I followed all of the suggestions > > > > from the case, however I still cannot establish the > > > SSL connection. Has anything changed in either > > > > PowerBuilder or EAServer since then that would > > > > require a different approach to this rather than > > > what is listed in the referenced Case from above? > > > > > > > >
|
|
0 |
|
David
4/9/2008 8:47:16 PM
One thing that I am NOT doing is mutual auth. We only use the SSL to encrypt the traffic so there is no client cert. Alexwrote in message news:[email protected]... > I tried removing the "ORBForceSSL='true'" from the > connection object options and had no success. I am including > port number 9001 in the single line edit that is used to > populate the location property. And the orb log file is > reporting a rather useless error message of: > > new_JagIIOPSSocket: failed. localhost/9001: Security error: > "SCL Session Connect:Protocol layer error.:SSL protocol > fatal alert.", (45,7,0,0) > > We are using EAServer 5.5 and I found a little "blurb" in > the PowerBuilder 10.5 release notes that states: > > 5.4.6 SSL connection to EAServer fails > > EAServer versions 5.2 and later use Transport Layer Security > (TLS) to establish secure connections between a client and > server. TLS is a protocol based on the Secure Sockets Layer > (SSL) that can authenticate both the client and the server > and create an encrypted connection between them. > PowerBuilder clients that rely on the previous version of > the EAServer SSL client runtime and use mutual > authentication cannot establish an SSL connection using the > default settings. > > To disable support for TLS and use the previous version of > the SSL client runtime, set the environment variable JAGSSL > to true in the serverstart.bat file before you start > EAServer. > > You can also set this environment variable in an EAServer > client installation: > > set JAGSSL=true > > Unfortunately, I tried the above suggestion with no success > either. I'm out of ideas here. If you can think of anything > else, it would be much appreciated, otherwise, thank you so > much for your help thus far. > > --------------- > > > try removing the "ORBForceSSL='true'" from the > > connection object. I do not use this in my code. > > > > I also do not see anything where you force the port # to > > 9001 when the cbx_ssl.checked is true. The code uses > > whatever is in sle_port.text. > > > > What, if anything, is in the orb log file? > > > > the 57 error usually mean a bad server name or port > > number. > > > > Alex > > > > wrote in message > > news:[email protected]... > > > I get a success return code from GetContextService and > > > the 2 calls to the SetGlobalProperty. However, I keep > > > getting a return code of 57 when I call ConnectToServer. > > > I have an iiops listener on port 9001 setup on my Jaguar > > > server using the EAServer Security Profile of "sample1". > > > To experiment with this I simply used the code that was > > > listed in Solved Case #10886461 as follows: > > > > > > long ll_rc > > > > > > int li_rc > > > > > > n_connection ln_connect > > > > > > SSLServiceProvider l_ssl > > > > > > this.getContextService("SSLServiceProvider", l_ssl) > > > li_rc = l_ssl.setglobalproperty( "QOP", "sybpks_strong" > > ) > > > > if li_rc <> 0 then > > > MessageBox("Error Setting SSL Parameters", "Error " + > > > String(li_rc) + " when setting QOP") > > > return > > > end if > > > > > > li_rc = l_ssl.setglobalproperty( "PIN", "****" ) > > > > > > if li_rc <> 0 then > > > MessageBox("Error Setting SSL Parameters", "Error " + > > > String(li_rc) + " when setting PIN") > > > return > > > end if > > > > > > // Not using certificate label > > > //if Trim(sle_certlabel.text) <> "" then > > > //li_rc = l_ssl.setglobalproperty( "certificateLabel", > > > //sle_certlabel.text ) > > > > > > //if li_rc <> 0 then > > > //MessageBox("Error Setting SSL Parameters", "Error " + > > > //String(li_rc) + " when setting certificate label") > > > //return > > > //end if > > > > > > end if > > > > > > ln_connect = CREATE n_connection > > > ln_connect.userid = sle_user.text > > > ln_connect.password = sle_password.text > > > ln_connect.driver = "jaguar" > > > ln_connect.options = > > > "ORBLogIIOP='true',ORBLogFile='c:\orb.log'" > > > > > > if cbx_ssl.checked then > > > ln_connect.location = "iiops://" > > > ln_connect.options = ln_connect.options + > > > ",ORBForceSSL='true'" > > > else > > > ln_connect.location = "iiop://" > > > end if > > > > > > ln_connect.location = ln_connect.location + > > > sle_server.text + ":" + sle_port.text > > > > > > ll_rc = ln_connect.ConnectToServer() > > > > > > if ll_rc = 0 then > > > ... > > > > > > > posting the code you are using and the return values > > > > that you are getting would be helpful for anyone > > > > trying to answer your question. > > > > > > > > Are you getting a success from the following > > > > functions? SSLServiceProvider l_sslsp > > > > getcontextservice( "SSLServiceProvider", l_sslsp ) > > > > l_sslsp.setglobalproperty( "QOP", "sybpks_strong" ) > > > > l_sslsp.setglobalproperty( "pin", "...." ) > > > > > > > > ll_rc = icn_jaguar.connectToServer() > > > > > > > > Alex > > > > > > > > > > > > wrote in message > > > > > news:[email protected]... I am > > > > > attempting to establish an SSL connection from a > > > > > PowerBuilder client to an EAServer component. I > > > > > found a Sybase Solved Case #10886461 all the way > > > > > back from 2002. I followed all of the suggestions > > > > > from the case, however I still cannot establish the > > > > SSL connection. Has anything changed in either > > > > > PowerBuilder or EAServer since then that would > > > > > require a different approach to this rather than > > > > what is listed in the referenced Case from above? > > > > > > > > > > > >
|
|
0 |
|
Alex
4/10/2008 7:27:10 PM
Related Posts:
- SSL connection from a PowerBuilder client to an EAServer component
- superreview denied: [Bug 282182] sync xpfe general.xml with toolkit general.xml : [Attachment 217751] Av2 <general.xml>
- superreview granted: [Bug 282182] sync xpfe general.xml with toolkit general.xml : [Attachment 219626] Av3-XPFE <general.xml>++
- superreview requested: [Bug 282182] sync xpfe general.xml with toolkit general.xml : [Attachment 217751] Av2 <general.xml>
- superreview requested: [Bug 282182] sync xpfe general.xml with toolkit general.xml : [Attachment 219626] Av3-XPFE <general.xml>++
- I am Installing GWMobile 3.01 In the portion for SOAP configuration on the POA, since I want to use a SSL Connection Can I change the SOAP SSL to Enable and Not interrupt the connection for our existi
- EAServer 6.0 component integration With IIS web server component
- EAServer component execute component located on another CORBA server
- How can Java-class component work out its own EAServer package and component name ?
- I installed the Linux version of 1.1.18 and cannot access any SSL https site at all. The browser displays an alert that the "SSL protocol has been disabled". SSL protocol disabled in 1.1.18 Linux