New post

#SSL

6

Secure Sockets Layer (SSL) is a standard security technology for establishing an encrypted link between a server and a client - typically a web server (website) and a browser, or a mail server and a mail client.

Learn more.

I have posted to aid others in diagnosing problem with SSL/TLS connections to superserver port from .NET client executable.

The cache instance this appeared on is quite old - 2011 - so I do not know if Intersystems have added a better error message in a later version

The actual fault was due to the certificate in the %SuperServer SSL/TLS configuration having expired.

The unhelpful message that appeared in the .NET client included the following partial stack trace.

0 0
0 1K
Article
· Nov 14, 2016 1m read
openssl for Windows

Question:

Where can I find the openssl command line tool for Windows?

Answer:

The openssl command line utility comes with Unix, but not with Windows. It is used for working with security certificates.

The main site is

https://www.openssl.org/

There are no binaries on this site but in the Community section there is a link for binaries which leads to:

1 0
0 951

I am using OAuth2 Cache framework, acting as a client to an authorization server. My setup is based on this excellent previous post [Caché Open Authorization Framework (OAuth 2.0) implementation – part 1].

I'm facing ‘Authorization Server Error: Error Processing Response - No match between server name 'googleapis.com' and SSL certificate values google.com…’

It looks like I should set SSLCheckServerIdentity to false but I can’t figure out how. Has anyone had the same issue?

0 4
0 1.2K

Hi,

I'm posting this for the benefit of others. Not often one changes certificates in Cache, at least in my case. I run a system, that uses certificates to encrypt SOAP messages, and since the last time I ran it, my certificates expired.

So I renewed them using our PKI tool, so far so good. I gave all (3) certificates the same names (and filenames too) as to those expired, thinking that everything would just work fine next time I call the SOAP service.

Unfortunately, I got trapped.

2 0
0 598