.Net 4.5
OE11.6.3
Hi All,
I've been beating my head against a wall looking at documentation. I have an appserver running with SSL enabled, and can connect fron WebClient OK using "-URL AppServerDCS://yada.com:port -nohostverify" ok. I put the certificate in a path and add the -certstorepath to the webclient startup, and all is OK.
I have a .Net OpenClient proxy that currently can connect to AppServer without SSL, that is cool too.
But now I want the .Net open client to connect to the SSL appserver.
Connection oConn = new Connection("AppServerDCS://yada.com:26604/demo", "UserID, "Password", "");
oConn.SetProperty("PROGRESS.Session.NoHostVerify", "TRUE");
I get
Exception: A call to SSPI failed, see inner exception.
Exception: A call to SSPI failed, see inner exception.
SessionPool : NoAvailableSessions[Could not connect to the AppServer: General Error: Object reference not set to an instance of an object.. (7203) ]
The symptoms look the same as when I was trying SSL on Webclient, and did not have the certificate in the certstorepath. No Available Sessions seems to be the default error for a myriad of connection sins!
But the OpenClient .Net does not have a certstorepath option (Java Does).
The documentation rabbit hole, the final bit I get to is
Microsoft .NET has its own method for managing digital certificates that you can use to access root certificates from the OpenEdge certificate store. For more information, see the Microsoft .NET documentation.
So I have loaded my root certificate and still get the error.
Has anyone else worked their magic on this one and got it to work.
Thanks.
Mark Roberts
Thanks Brian,
Tried both of those, and neither worked.
For the webclient, I have a file in the certstorepath called 0be8b7fe.0. It was the magic that allowed the connection.
I tried variations of loading certificates to the windows PC running the .Net OpenClient and nothing has worked so far.
On the server I have the pem file in the keys directory and the .0 file in the certs directory.
In my (unfortunately limited) knowledge of SSL, I am confused about which one of these gets installed on the .Net client PC, and where it gets installed.
Mark
Thanks again Brian for your help,
Turns out my certificate was loaded OK, but in my pre-weekend brain fade, the appserver I was connecting to was 10.2B08 (not 11.6) ... a quiet weekend of reflection and systematic checking on Monday highlighted the bleeding obvious :)
For the record, that particular issue can be resolved by adding the following line
RunTimeProperties.SSLProtocols = "TLSv1";
The KBase entry for this issue shows a different error in the broker log than I was experiencing.
Also your solution was another of my problems, and the RunTimeProperties.NoHostVerify = true was the correct use of that parameter.
Thanks
Mark.