on 2015 Dec 28 7:37 AM
I got this working on SA12 and SA16, but some of out clients still use SA11 and in there it does not work neither using the root sertificate nor the ones I found on United Nations website.
I need to get UN Blacklist XML periodically, same as Kumar back in 2009, however since 2015-10-14 UN website requires a certificate so I specify certificate like this:
CREATE OR REPLACE FUNCTION "DBA"."UNBlacklist"()
RETURNS LONG VARCHAR
URL 'https://www.un.org/sc/resources/files/consolidated.xml'
TYPE 'HTTP:GET'
CERTIFICATE 'cert=!cert';
where instead of !cert
I put Base-64 encoded certificate string that I got from UN site using Google Chrome or the root certificate I got from COMODO, I get the following error on SQL Anywhere version 11.0.1.3069 and 11.0.1.3158:
Invalid response from the HTTP server
SQLCODE=-988, ODBC 3 State="HY000"
However it works using versions 12.0.1.4231 and 16.0.0.2127 if root certificate from COMODO is provided.
Log file says this:
[connid = 20, 12/28 11:57:39.648]
[connid = 20, 12/28 11:57:39.648, REQUEST]
GET /sc/resources/files/consolidated.xml HTTP/1.0
Connection: close
ASA-Id: ed349e147ee948e6968bc918326c4f3a
Accept-Charset: windows-1257, UTF-8, *
Date: Mon, 28 Dec 2015 09:57:39 GMT
Host: www.un.org
User-Agent: SQLAnywhere/11.0.1.3069
[connid = 20, Error: socket closed by peer]
[connid = 20, socket closed]
Please help.
After some more testing I find out that the only certificate working with SA11 is the one issued for *.un.org:
With SA12 only the AddTrustExternalCARoot from Comodo website works.
And with SA16 You can use either same AddTrustExternalCARoot certificate as SA12 or the root COMODO SECURE™ certificate found on United Nations website:
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
User | Count |
---|---|
75 | |
10 | |
10 | |
10 | |
10 | |
9 | |
8 | |
7 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.