on 2013 Dec 12 1:56 AM
I created identity-file and certificate using the createcert-utility:
X.509 Certificate ----------------- .... Serial Number: 6cde1cf266d64bca971ae9042f27996f Issued: Jun 11, 2013 15:40:00 Expires: Jun 12, 2018 15:40:00 Signature Algorithm: RSA, SHA1 Key Type: RSA Key Size: 2048 bits Basic Constraints: Is not a certificate authority Key Usage: Digital Signature, Key Encipherment, Data Eqipherment
I use following -xs options for my web-server:
-xs https(FIPS=N;PORT=8020;Identity=MSU.id;Identity_Password=...)
I create following procedure:
create procedure "dba"."fa_CMC_authentication"( urlSpec long varchar, userPasswordEncoded long varchar, certificatekey long varchar) URL '!urlSpec' TYPE 'HTTP:POST' HEADER 'Authorization: Basic !userPasswordEncoded' CERTIFICATE '!certificatekey' ;
I run:
call "dba"."fa_CMC_authentication"( 'https:// ... :8020/ ... / ... ', ' ... ', 'certificate= ... ');
For SQL Anywhere Network Server Version 12.0.1.3967:
But for SQL Anywhere Network Server Version 12.0.1.3994:
EXCEPTION at 2013-12-12 09:42:30.264: SQLCODE = -983, SQLSTATE = WW052, ERRORMSG() = HTTP request failed. Status code '<NONE>'
My apologies, there was an error in my description of the Certicom / OpenSSL changes. One of the changes was listed under the FIPS-related changes, but it applies to non-FIPS as well. I've updated the list.
Speifically, if you're going to use a self-signed certificate in your identity file, that certificate must have the "certificate signing" attribute, so you need to re-create the certificate and make sure that attribute is set (option 6 in Key Usage).
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.
Thanks,
IF certificate:
Signature Algorithm: RSA, SHA1 Key Type: RSA Key Size: 2048 bits Basic Constraints: Is not a certificate authority Key Usage: Digital Signature, Key Encipherment, Data Encipherment, Certificate Signing
then
for SQL Anywhere Network Server Version 12.0.1.3967 - OK
for SQL Anywhere Network Server Version 12.0.1.3994 - OK
User | Count |
---|---|
67 | |
8 | |
8 | |
6 | |
6 | |
6 | |
6 | |
6 | |
5 | |
5 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.