Question
· May 14, 2021

SSLConfig with ECC

Hello everyone,
I can choose between RSA and DSA. ECC seems to be unsupported.
Is there any workarounds without using external binary like curl?

Best regards
RY

Product version: Caché 2018.1
Discussion (5)0
Log in or sign up to continue

Hi,

The api endpoint (https://api.domain/service) is only accessible with a provided certificate and ecc key.
i would like to use the %Net.HttpRequest class with SSLConfiguration

my quick test with curl under windows
curl -v --location --request POST --key provided.pem --cert provided.pem --header "Accept: application/pdf" --header "Content-Type: application/json" --data @payload.json https://api.domain/service

Best regards
RY

Hi,

I want to access the api endpoint using the %Net.HttpRequest class and its SSLConfiguration property.

The provided credentials authenticate me as a valid user to make api requests.

Some endpoints are using RSA keys and they work as expected. But this particular endpoint uses a 256bit ecc key and there is no option to choose it.

How can I do it in Cache like i did with cURL? Currently I am using CPIPE and cURL as workaround.

Best regards
RY

//EDIT Saved as DSA..... debug output
error:10092010:elliptic curve routines:d2i_ECPrivateKey:EC lib
05/16/21-15:57:51:622 (2148) 0
error:100DE08E:elliptic curve routines:OLD_EC_PRIV_DECODE:decode error
05/16/21-15:57:51:622 (2148) 0
error:0D0680A8:asn1 encoding routines:ASN1_CHECK_TLEN:wrong tag
05/16/21-15:57:51:622 (2148) 0
error:0D07803A:asn1 encoding routines:ASN1_ITEM_EX_D2I:nested asn1 error
05/16/21-15:57:51:622 (2148) 0
error:0D08303A:asn1 encoding routines:ASN1_TEMPLATE_NOEXP_D2I:nested asn1 error
05/16/21-15:57:51:622 (2148) 0
error:0907B00D:PEM routines:PEM_READ_BIO_PRIVATEKEY:ASN1 lib
05/16/21-15:57:51:623 (2148) 0
error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib
05/16/21-15:57:51:623 (2148) 0
TPXMIT saw TCP device fail
05/16/21-15:57:58:014 (5052) 0 REDEBUG: new netdebugflags FF