Skip to Content (Press Enter)
2020-10-08 19-51-35
João Barata
Staff
562Views
6Comments
[HTTPS Consumer] How to use HTTPS Consumer
Question
REST
Forge
How-to
https-consumer
Web icon
HTTPS Consumer (O11)
Forge asset by João Barata

Initial Considerations

In order to be able to consume a Rest Endpoint that requires a client-side certificate, we will need to use the Rest Extensibility API

This component exposes 3 methods that already implement the needed .Net code.


Instructions for PaaS Infrastructures


For PaaS installations (Outsystems Cloud) you will need to open a Support Case requesting our support team to add the needed certificate to your infrastructure. You will then be provided the Certificate path needed to call this component actions. 

Make sure you send the certificate in a .pfx or .p12 format and that you provide the certificate password so that it can be added to the infrastructure.


Instructions for On-Premise Infrastructures

For On-prem installations, you will need to add the certificate into the Front-Ends trusted certificate stores.

Start by going to the server an place the .pfx or .p12 certificate into a folder. This folder will need to be the same across all the front-ends. 

Then follow the instructions to install the certificate on the front-end. Install a trusted root CA or self-signed certificate

You may also need to configure the TLS versions used on Integrations. Enable SSL Protocols for your Integrations


Available Methods


ConsumeWS_GET


This action will perform a GET request to the specified endpoint including the ClientSide Certificate

The component has a demo link that should let you make a Get request to test the API endpoint using a Client-Side Certificate


ConsumeWS_POST

This action will perform a POST request to the specified endpoint including the ClientSide Certificate

The component has a demo link that should let you make a Post request to test the API endpoint using a Client-Side Certificate


AddClientCertificate (Recommended)

This action will let you add the client-side certificate to a REST call using the platform built-in Rest mechanisms.

Go to the Rest Endpoint and add the OnBeforeRequestAdvanced action.


Add the AddClientCertificate action to the OnBeforeRequestAdvanced and pass in the certificate path configured on the previous step, password and TLS Version (Defaults to TLS1.2)


You can now use this endpoint as you would normally use any other Rest in Outsystems


3
0
23 Jan 2019
Copy Link
2020-10-08 19-51-35
João Barata
Staff

For On-Premise Infrastructures, it might also be needed to do the following steps after following the instructions to install the certificate on the front-end. Install a trusted root CA or self-signed certificate

Grant access to the certificates to IIS

  • Right-click on the certificates you just imported and access All Tasks -> Manage Private keys ...
  • Add users/groups NETWORK SERVICE and IIS_IUSRS (Windows 2008R2) or IIS_WPG (Windows 2003) with at least Read access. 
  • Click Apply and close the dialog.
0
0
25 Mar 2019
Copy Link
2021-08-02 05-37-03
Madhavan Selvaraj

Hi Joao,

I followed all the steps mentioned by you.

But I don't find option to add  IIS_IUSRS or IIS_WPG in the user group.

I added Network Service and provided full access.

We are using Windows server 2019.

For the HTTPS Consumer component:

I followed the steps to add the certificate and enabled TLS protocol as client.

But still I am getting the error "The request was aborted. Could not create SSL/TLS secure channel"


Kindly advise me in this issue.


Thanks & Regards,

Madhavan



0
0
15 Sep 2022
Copy Link
2021-09-08 08-01-41
Lorena Sabou

Hi Joao,


I see the above scenario targets consumed REST APIs.

In the case of exposed REST services, how would this component work? 


I have a case where all the exposed APIs from OutSystems (Cloud installation) should be protected by a certificate. I am a bit confused regarding how the certificate should be issued considering that OutSystems will be the server in this case and other apps the clients (we also use ESB for some integrations).


PS: I can't see the OnBeforeRequestAdvanced/OnAfterResponseAdvanced callbacks in my Service modules, what could be the problem here?


Kind regards,

Lorena Sabou


0
0
28 Jul 2021
Copy Link
2021-09-08 08-01-41
Lorena Sabou

Hi Joao,


Don't mind my PS question. Actually for my exposed API I can only see the OnRequest callback, but for consumed APIs indeed I can see the OnBeforeRequest and OnBeforeRequestAdvanced callbacks. However, in our case we are talking about exposed web services..

0
0
28 Jul 2021
Copy Link
2020-10-08 19-51-35
João Barata
Staff

Hi Sabou,

Unfortunately, this component is only for consume external Rest endpoints that require client certificates.

As for validating client certificates on exposed REST endpoints, I suggest you take a look at this forum post:

https://www.outsystems.com/forums/discussion/64876/validate-client-certificates-in-exposed-webservice-in-os-cloud/


Regards,

0
0
02 Aug 2021
Copy Link
2021-08-02 05-37-03
Madhavan Selvaraj

hi Joao,

Hope you are doing good!

I am using https consumer component to consume a REST API.

We need to add pfx certificate in the API call.

I followed the steps as you mentioned in the documentation of the component.

In the Onbefore Request advanced action, i added the 'Add certificate' action and entered the path, password and TLS Version (1.2).

Still we are getting the error "The request was aborted. Could not create SSL/TLS secure channel"


Could you please help us to fix the issue.


Thanks & Regards,

Madhavan


0
0
21 Sep 2022
Copy Link
Community GuidelinesBe kind and respectful, give credit to the original source of content, and search for duplicates before posting.