Enabling SSL / TLS on an InterSystems (soap) web service, part 2

SSL, Ensemble

We are in the process of setting enabling SSL on a soap web service exposed via InterSystems, but are running into trouble. We have installed our certificates on our webserver (Apache 2.4) and enabled SSL over the default port 57772. However, we now get an error when sending a soap message to the web service (it used to work over http). Specifically the CSP gateway refuses to route te emssage the soap web service:

<SOAP-ENV:Envelope SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:s="http://www.w3.org/2001/XMLSchema">

  <SOAP-ENV:Body>

     <SOAP-ENV:Fault>

        <faultcode>SOAP-ENV:Server</faultcode>

        <faultstring>CSP Gateway Error (version:2016.1.2.209.0 build:1601.1554e)</faultstring>

        <detail>

           <error xmlns="http://tempuri.org">

              <special>Systems Management</special>

              <text>Invalid Request : Cannot identify application path</text>

           </error>

        </detail>

     </SOAP-ENV:Fault>

  </SOAP-ENV:Body>

</SOAP-ENV:Envelope>

Probably either the CSP gateway or the web server was misconfigured. Anyone an idea in which direction we might look. (BTW accessing the management port now returns the same error as does using SSL port 443).

PS this issue was also submitted to WRC

  • 0
  • 0
  • 602
  • 0
  • 1

Answers

Tom,

I presume by now you've had this answered by the WRC, but the issue is most likely that the private Apache web server that ships with Caché/Ensemble does not currently support SSL.  In order to configure SSL, you would need to configure a full Apache or IIS web server, which is typically recommended for any public-facing, production-level deployment anyway.

-Steve