Forum Discussion
Hi Bill,
okay, i was not aware of that. The client was sent our certificate, port info, etc, (everything needed to get through their firewall) but you are saying i still need to do that on my end??
When you say "client" it's sort of confusing because I'm used to client/server in the sense the client sends a REST request or SOAP request to a server. So I hope I am understanding you write.
I don't work with WSDL, so my advice might be totally off. But your own title of the problem is the person who sent you the endpoint does not want you to use the endpoint. The SSL-related error message you got indicated you attempted to use that endpoint. And that got my attention.
Back to your original question, I would not know how to validate their endpoint except with a ping command, since you are not supposed to use their endpoint!
- alphaack6 years agoOccasional Contributor
Ha, sorry for the confusion, i meant a business client. So this keystone would need their certificate info, or mine. They had us provide our certificate, port info, IP, etc. They use that to let us through their firewall.
So does a keystone file typically have your own info, or the info for the firewall you are trying to get through??
- Bill_In_Irvine6 years agoContributor
Again I caution you about my lack of knowledge of working with WSDL. But yes the keystore will need their certificate info. That is, they would have to provide you a certificate and a private key fort the activity that caused you to get the SSL exception. Normally they would name the two blobs something like client.crt and client.key. At least that is what my developers give me whenever I need to test their endpoint's REST API. And your role in this case is client.
I normally combine the certificate and key into a p12-format file I think using openssl commands. Then from there use the keytool linux command to go from p12 to the keystore file.
And yes the keystore file typically has the info that your :"business client" must provide for you so that you can get through their firewall.
- alphaack6 years agoOccasional Contributor
Bill,
no worries, you're way beyond me. What you explain is interesting, because this business client had us supply them with OUR certificate, etc. So you're saying i need THEIR info as well??
The WSDL is defined with no authentication, so my understanding is that by providing them with our certificate, port info, etc, this is how they "vet" us and allow us to go through their firewall and consume their web service....
Al