LAE

 View Only

  • 1.  HTTPS using client certificate authentication

    Employee
    Posted 03-27-2017 00:26

    Note: This was originally posted by an inactive account. Content was preserved by moving under an admin account.

    Originally posted by: Pedro Pablo

    We have to consume a SOAP web service over HTTPS using client certificate authentication. We don�t know how to use http node to do that. Could you help us?


  • 2.  RE: HTTPS using client certificate authentication

    Employee
    Posted 03-28-2017 08:18

    Note: This was originally posted by an inactive account. Content was preserved by moving under an admin account.

    Originally posted by: gmullin

    Are you receiving an error about certificates? You might have to add the site's cert to your cacerts truststore file. Have a look at the attachment for information on how to do it.

    Lavastorm Analytics Engine and SSL connections guide v1.0.pdf


  • 3.  RE: HTTPS using client certificate authentication

    Employee
    Posted 03-31-2017 02:35

    Note: This was originally posted by an inactive account. Content was preserved by moving under an admin account.

    Originally posted by: Pedro Pablo

    I have read the document and talk about server certificates. I need to send the client certificate to authenticate me and I do not know if it can do with the HTTP node or I have to configure some Lavastorm parameters or JVM


  • 4.  RE: HTTPS using client certificate authentication

    Employee
    Posted 03-31-2017 04:56

    Note: This was originally posted by an inactive account. Content was preserved by moving under an admin account.

    Originally posted by: gmullin

    Are you getting an error related to certificates? Or can post what message you receive when you try to authenticate via the HTTP node?

    Just to note, you have a truststore file on a desktop install also. The location is the same:

    <LAE_Install_Dir>\jre\jre\lib\security\cacerts

    keytool.exe. is in the jre/bin directory also.


  • 5.  RE: HTTPS using client certificate authentication

    Employee
    Posted 04-03-2017 00:36

    Note: This was originally posted by an inactive account. Content was preserved by moving under an admin account.

    Originally posted by: Pedro Pablo

    I am getting an error related to client certificates. The message I receive is : "Error 403. Error of identification. No digital certificate is detected or selected incorrectly."


  • 6.  RE: HTTPS using client certificate authentication

    Employee
    Posted 04-20-2017 13:31

    Note: This was originally posted by an inactive account. Content was preserved by moving under an admin account.

    Originally posted by: prasmussen

    I'm not aware of the ability to pass certificates on an REST call as the certificate is handled as part of the https process. I've seen similar types of issues when the content type is not set. Please try to add the following to the "Optional Input" tab for the Content Type parameter: application/x-www-form-urlencoded

    The http node handles https web services, so that is definitely the right node. Does your documentation for the REST API specify anything specific in the header? Is it using OAuth2? Any more background you can provide may offer more clues.


  • 7.  RE: HTTPS using client certificate authentication

    Employee
    Posted 04-20-2017 14:44

    Note: This was originally posted by an inactive account. Content was preserved by moving under an admin account.

    Originally posted by: ejones

    Hi Pedro,
    The 403 error code is an authentication failure. And clearly the message is saying that the correct certificate has not been provided.
    I have two ideas about what it is saying here and here are my thoughts (1b is what I feel is closest to answering your question)

    1a) Since you are using HTTPS you are using the security that comes with SSL. That process involves validating certificates to verify authenticity and for encryption. LAE deploys with Java which has the standard set of certificates installed with it. Making sure you have the latest versions of our releases helps to ensure you have the latest versions of the standard SSL certificates.

    1b) Often, for security reasons with HTTPS and SSL, a server will not be using the standard certificates and you will need to install a client certificate. If this is the case there has to be some documentation as to how this would be done. If you could provide that information then we could help you apply it to the LAE environment. I expect this documentation to involve using the keytool command that comes with Java and is described on this page where someone has a similar challenge, http://stackoverflow.com/questions/1...authentication Also make sure you've studied the document provided by gmullin. It helps point out where to find the certificate file you would need to modify and may provide everything you need.

    2) There might be an added layer of security using certificates that is nonstandard. If that is the case than we have no information about working with it.