Expose Rest - Set HTTP Security


I am exposing an API and it works find when selecting None for HTTP Security. However the data I am exposing is very sensitive and I need to make sure is secured. Therefore I changed the HTTP Security to SSL. When testing I get the error below.

We do have certificates installed in our QA and Prod windows remote server. But we do not in dev. I can understand the error in dev, but not in QA as there are certificates available, and we are using an https url.

I searched the forum and read that I needed the actions below in my method, so I added them. Still doesn't work. When debugging I don't see any values coming from those actions.



I am using postman to test the API, again, it works when the HTTP Security is set to none.

Error in our QA environment:

Could not get any response
Why this might have happened:
  • The server couldn't send a response:
    Ensure that the backend is working properly
  • Self-signed SSL certificates are being blocked:
    Fix this by turning off 'SSL certificate verification' in Settings > General
  • Proxy configured incorrectly
    Ensure that proxy is configured correctly in Settings > Proxy
  • Request timeout:
    Change request timeout in Settings > General

Hello Karin.

The actions that you mention - ClientCertificateGetDetails and ClientCertificateGetValue - are only useful when using Client Certificates (which is an advanced setup of SSL meant to authenticate both the server and the client).

Your service should work just fine in postman. So I will ask you to try and access a regular screen (not a rest service) with HTTPS in a regular browser, and see if you have any error on that case. If you have a self-signed certificate, as is suggested in the message that you get, then you will have to replace it with a trusted certificate, or choose to trust the self-signed certificate on all machines that are clients to that REST service.