secured webservice communication

hi,

we have here a .net app using the content webservices (e.g. 'authentication' to logon) to connect to content server 10. Everthing works fine.

Now we want to secure the communication between the app and the CS. We configured the CS to work with HTTPS . This works and we can connect by webbrowser with HTTPS to the CS.

Then we configured our app to connect via HTTPS but this did not work.

When we put the following webservice string we use in the app..

'https://cdtvm-content10.opentext.net/les-services/Authentication.svc'

into a web browser, we receive a valid response.

But in the app, it did not work.

Does anyone have an idea?

Steven.

Find more posts tagged with

Comments

Bill_Miller

Have you checked the certificate to ensure that it’s trusted by the Java JVM that is running Tomcat and CWS? By default Sun/Oracle JVMs don’t come preinstalled with all of the Certificate Authorities that are available in the world, so you may have to import the certificate (or the CA) into the trust store of the JVM. The RCS administration guide contains information on how to do that (see the SSL configuration section). I don’t know which version of RCS you’re hosting CWS on so I can’t suggest a link.

Bill
~~~
Bill Miller
Senior Java Developer | Research and Development - Runtime and Core Services

Phone: (519) 888 7111 extension 2947
Website: www.opentext.com
This email message is confidential, may be privileged, and is intended for the exclusive use of the addressee. Any other person is strictly prohibited from disclosing orreproducing it. If the addressee cannot be reached or is unknown to you, please inform the sender by return email and delete this email message and all copies immediately.

From: eLink Entry: Content Web Services Forum [mailto:otdncontentwebservices971forum@elinkkc.opentext.com]
Sent: May-08-12 10:49 AM
To: eLink Recipient
Subject: secured webservice communication

secured webservice communication

Posted bysgonder@opentext.com (Gonder, Steven) On 05-08-2012 10:44

hi,

we have here a .net app using the content webservices (e.g. 'authentication' to logon) to connect to content server 10. Everthing works fine.

Now we want to secure the communication between the app and the CS. We configured the CS to work with HTTPS . This works and we can connect by webbrowser with HTTPS to the CS.

Then we configured our app to connect via HTTPS but this did not work.

When we put the following webservice string we use in the app..

'https://cdtvm-content10.opentext.net/les-services/Authentication.svc'

into a web browser, we receive a valid response.

But in the app, it did not work.

Does anyone have an idea?

Steven.

[To post a comment, use the normal reply function]
Forum:	Content Web Services Forum
Content Server:	Knowledge Center

Appu_Nair

Your opentext colleaugue assumes you are already java and have RCS in your setup.I tried this as I had to do some stuff with Content Webservices or enterprise webservices yesterday.My livelink server is a windows 2k8 vm with IIS running.I made my website https and then I took the C# code I did yesterday and updated the service references to like

https://appuw2k8vm/les-services/authentication.svc.I got a message saying do you trust this certificate and then the program compiled and worked without any issue.

You say it did not work.what did not work?

Can you clarify whether you are trying pure livelink(conetnt server) web services or the RCS layer(ELS webservices)

I collected some screen caps so you can see what I did.

Created the contract the webservice tool asked me if I would accept the self signed cert I said yes

Appu_Nair

I understand the mistake I did.If I change the bindings to https in the app.config I get this error

**************************************************

Error: The provided URI scheme 'https' is invalid; expected 'http'.
Parameter name: via

*******************************************************

So just changing that in service references don't really mean anything.

I will keep trying to understand what it should be really

Appu_Nair

I basically got it working by going thru this website

http://social.msdn.microsoft.com/Forums/uk/windowsazuredevelopment/thread/0f554a9e-abe8-490b-bbd0-66cd964c7a6f

In a nut shell here is what I did.In the webserver where the webservice was setup I edited the Web.Config file

<service behaviorConfiguration="AdminServiceBehavior" name="OpenText.Livelink.Service.Core.AdminService_WCF">
                <endpoint address="" binding="basicHttpBinding" bindingConfiguration="AdminServiceBinding"
                    bindingNamespace="urn:Core.service.livelink.opentext.com"
                    contract="OpenText.Livelink.Service.Core.IAdminService_WCF" />

I took off the comments where the SSL stuff was commented out.

Then back to my client computer and my C# IDE I updated the references.I accepted the certificate from the other computer.After it updated the app.config I went and removed the http instances.Perhaps this is unnecessary but this is what my <client></client> looks now

At this point I got ""Could not establish trust relationship for the SSL/TLS secure channel with authority". to which I just typed in my client computer's IE https://appuw2k8vm.I accepted the certificate,Then I installed the certificate in this computer to where the website said it goes and Voila....

Try that approach to see if it helps

Steven_Gonder

Quoted billm@opentext.com on 2012-05-09 10:14:

Hi Bill,

we are trying to connect to a Content Server running with IIS.

To communicate, we are using the standard Content Server Webservices, not the Enterprise Library Webservices.

We also have to get it work with a Tomcat based system, but this will follow in a second task later on.

Steven.

Bill_Miller

Sorry about that, I realized that Tomcat/RCS may not be in use AFTER I sent the message. Other posters have corrected me and hopefully given appropriate clues on how to fix it in IIS.

In general, the idea about what is probably wrong (Certificate not installed where IIS can find it) is essentially correct... albeit not completely helpfulJ.

From: eLink Entry: Content Web Services Forum [mailto:otdncontentwebservices971forum@elinkkc.opentext.com]
Sent: May-09-12 4:19 AM
To: eLink Recipient
Subject: RE secured webservice communication 2

RE secured webservice communication 2

Posted bysgonder@opentext.com (Gonder, Steven) On 05-09-2012 04:14

Quoted billm@opentext.com on 2012-05-09 10:14:

Hi Bill,

we ar! e trying to connect to a Content Server running with IIS.

To communicate, we are using the standard Content Server Webservices, not the Enterprise Library Webservices.

We also have to get it work with a Tomcat based system, but this will follow in a second task later on.

Steven.

[To post a comment, use the normal reply function]
Topic:	secured webservice communication
Forum:	Content Web Services Forum
Content Server:	Knowledge Center