Hi community,
We have a wsdl that was used to build the integration module, and we need to send a certificate on the soap.
For that we used the onBeforeRequest (we also have a issue here, because we have to use session variables since we dont have context or inputs to send data here) , to send the certificate with SOAPExtensibility - SetClientCertificate integration - but we get an error here - see image on attachment. We are sending the binary data and the password, to the integration. Also, if we force a call do the webservice we get this :
----------
Source
SOAP (Consume)
Action
SeriesWSService.registarSerie
Error Message
There was no endpoint listening at https://servicos.portaldasfinancas.gov.pt:722/SeriesWSService that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
Stack
[1] There was no endpoint listening at https://servicos.portaldasfinancas.gov.pt:722/SeriesWSService that could accept the message. This is often caused by an incorrect address or SOAP action. See InnerException, if present, for more details.
Server stack trace:
at System.ServiceModel.Channels.HttpOutput.WebRequestHttpOutput.GetOutputStream()
at System.ServiceModel.Channels.HttpOutput.Send(TimeSpan timeout)
at System.ServiceModel.Channels.HttpChannelFactory`1.HttpRequestChannel.HttpChannelRequest.SendRequest(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.RequestChannel.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)
Exception rethrown at [0]:
at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
at ssATCUD_IS.ssProxy.SeriesWS.registarSerie(registarSerieRequest request)
at ssATCUD_IS.CcSeriesWSService.ActionregistarSerie(HeContext heContext, ICcSeriesWSServiceCallbacks _callbacks, String inParamserie, String inParamtipoSerie, String inParamclasseDoc, String inParamtipoDoc, String inParamnumInicialSeq, DateTime inParamdataInicioPrevUtiliz, String inParamnumCertSWFatur, String inParammeioProcessamento, STseriesRespStructure& outParamregistarSerieResp)
[2] Unable to connect to the remote server
at System.Net.HttpWebRequest.GetRequestStream(TransportContext& context)
at System.Net.HttpWebRequest.GetRequestStream()
[3] A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond 62.28.254.207:722
at System.Net.Sockets.Socket.DoConnect(EndPoint endPointSnapshot, SocketAddress socketAddress)
at System.Net.ServicePoint.ConnectSocketInternal(Boolean connectFailure, Socket s4, Socket s6, Socket& socket, IPAddress& address, ConnectSocketState state, IAsyncResult asyncResult, Exception& exception)
SOAP Trace:
Request Headers:SeriesWSService: <wss:UsernameToken><wss:Username>164384499</wss:Username> <wss:Password>UUhjcjlYc0pHSThwR2d5NjlxK3BVT1N6RE45czVCOHpwVjNuN2lYTVlHdnBUc0FwUVBlV2MvVkcvRXpHczE0M3BQdlZGNU1HTXE1d0lHWG55eUFuUkE9PQ==</wss:Password> <wss:Nonce>OddXOzg157f4FWfMmfyw+g==</wss:Nonce> <wss:Created>ZXdjYWVyNFNZQ3hXVFZNNEp0SE1VdXFjY0FuVzFIa0VJY0dGODNLVExSR25ZRHRNT2cxSnR0eW1qMlN6dUlrQkM1VTVYUUNCZ1ZMam5QdlBSVW1aaTZXYWN4YXRHSVN1Q292M0IvZ2llK3c9</wss:Created></wss:UsernameToken>
Request message:<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> <s:Header> <Action s:mustUnderstand="1" xmlns="http://schemas.microsoft.com/ws/2005/05/addressing/none">http://at.gov.pt/SeriesWS/registarSerieRequest</Action> </s:Header> <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <registarSerie xmlns="http://at.gov.pt/"> <serie xmlns="">1</serie> <tipoSerie xmlns="">N</tipoSerie> <classeDoc xmlns="">MG</classeDoc> <tipoDoc xmlns="">FS</tipoDoc> <numInicialSeq xmlns="">2</numInicialSeq> <dataInicioPrevUtiliz xmlns="">2022-10-01</dataInicioPrevUtiliz> <numCertSWFatur xmlns="">SW321</numCertSWFatur> <meioProcessamento xmlns="">PF</meioProcessamento> </registarSerie> </s:Body></s:Envelope>Response Headers:Response message:
While on SOAPui we have handshake failure (suposedly because we are not sending any certificate).
On outsystems it complains that there was no endpoint listening
Can someone help with these issues? Thanks in advance.
Update.
As mentioned we were looking for a configuration. The file was being loaded into the SOAPext action, but error was inside the extension.
found the solution here:
https://stackoverflow.com/questions/17840825/cryptographicexception-was-unhandled-system-cannot-find-the-specified-file
1. Go to IIS Manager
2. Go to the application pool instance
3. Click advanced settings
4. Under Process model, set Load User Profile to true
Hi Rui,
Confirm if the certificate is installed on the server and HERE:
Hello, Yes, the certificate .pfx is there
New update:
Tried in my personal environment, and i can call the SOAP (returns error, but that was expected), but the service returns something. I am using SOAP extensibility SetClientCertificate in order to get a response.
But on the onPrem client environment the SOAP extensibility SetClientCertificate returns an error:
Error detail
Back to LogIdf8f47298-73f3-4da6-ae18-ab85a1367a6eTime of Log05-12-2022 16:43:15Request Key3d5b09c1-d114-4df2-8bf4-2a60c5a27facModuleATCUD_APITenantUsersUserSession Id0AN6JhYszky43IJcq+tPlw==ServerSDOSYDPSV01SourceExtension methoMessage
The system cannot find the file specified.
Environment InformationeSpaceVer: Id=66572, PubId=0, CompiledWith=11.12.1.30548RequestUrl: https://outsystem-dev.auchan.pt/ATCUD_API/rest/ATCUD/RegisterSeries?AppCode=OMS&ApiKey=08d8173b-435e-49d0-8ccd-0eaa3339ea93&NewSeriesCode=123&StartDate=2022-11-01&DocClass=2&DocType=1&SeriesFirstNumber=99 (Method: GET)AppDomain: /LM/W3SVC/1/ROOT/ATCUD_API-314-133143063082837332FilePath: E:\...\PS\running\ATCUD_API.01990432107\ClientIp: 172.23.11.3Locale: en-USDateFormat: dd-MM-yyyyPID: 4440 ('w3wp', Started='21/11/2022 21:42:07', Priv=1457Mb, Virt=2108086Mb)TID: 78Thread Name:.NET: 4.0.30319.42000Stack
The system cannot find the file specified. at System.Security.Cryptography.CryptographicException.ThrowCryptographicException(Int32 hr) at System.Security.Cryptography.X509Certificates.X509Utils._LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle& pCertCtx) at System.Security.Cryptography.X509Certificates.X509Utils.LoadCertFromBlob(Byte[] rawData, IntPtr password, UInt32 dwFlags, Boolean persistKeySet, SafeCertContextHandle pCertCtx) at System.Security.Cryptography.X509Certificates.X509Certificate.LoadCertificateFromBlob(Byte[] rawData, Object password, X509KeyStorageFlags keyStorageFlags) at System.Security.Cryptography.X509Certificates.X509Certificate2..ctor(Byte[] rawData, String password) at OutSystems.NssSOAPExtensibility.CssSOAPExtensibility.MssSetClientCertificate(Byte[] ssClientCertificateByteArray, String ssCertificatePassword) at ssATCUD_IS.RssExtensionSOAPExtensibility.MssSetClientCertificate(HeContext heContext, Byte[] inParamClientCertificateByteArray, String inParamCertificatePassword)
We are even passing the certificate from database as a binary, but it returns the same error.
Is there any configuration on the platform that can provoke this?
I was able to use the soap Extensibility - Set Client Certificate using a certificate file .cer.
It was installed in both servers, the client and destination server.
In the client server was installed in a specific path location.
That location path was used to load the binary from server and provide to Set Client Certificate method also with the password.
Hope that it helps you
just to add a screenshot
Hope that it helps you,