| Author |
Message
|
| vdharanikota |
 Posted: Tue Aug 05, 2014 5:29 am Post subject: How to get a Respose from Google webservice dynamically |
 |
|
Novice
Joined: 07 Jul 2014
Posts: 18
|
Hi,
I have been trying to get the location details from Google webservice by giving input information(xml) latitude, longitude and timestamp.
I'm using the following message flow:
MQInput --> Compute node --> HttpRequest --> MQoutput
Input:
<Root>
<latitude>39.6034810</latitude>
<longitude>-119.6822510</longitude>
<timestamp>1331766000</timestamp>
</Root>
In using the following esql code to override the HttpRequest Webservice URL
DECLARE concat CHARACTER;
DECLARE latitude CHARACTER InputRoot.XMLNSC.Root.latitude;
DECLARE longitude CHARACTER InputRoot.XMLNSC.Root.longitude;
DECLARE time_stam CHARACTER InputRoot.XMLNSC.Root.timestamp;
SET concat = 'location='||latitude||','||longitude||'×tamp='||time_stam;
SET OutputRoot.HTTPRequestHeader.Host = 'https://maps.googleapis.com';
SET OutputRoot.HTTPRequestHeader."Content-Type" = 'text/xml';
SET OutputRoot.HTTPRequestHeader."X-Original-HTTP-URL"= 'https://maps.googleapis.com/maps/api/timezone/xml?'||concat;
output from compute node
X-Original-HTTP-URL:CHARACTER:https://maps.googleapis.com/maps/api/timezone/xml?location=39.6034810,-119.6822510×tamp=1331766000
After hitting HttpRequest it is giving the following error messages:
1.A Web Service request has detected a SOCKET error whilst invoking a web service located at host &1, on port &2, on path &3.
2.An error occurred whilst performing an SSL socket operation
3.Connection refused: connect
 |
|
| Back to top |
|
 |
| mqjeff |
| Posted: Tue Aug 05, 2014 5:35 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
So you're trying to establish an SSL connection to an external server, and you haven't trusted the external server's certificate, or it's signer.
Note - most Browsers come with trust stores that include valid certificates for most public CAs.
Note - Broker doesn't. |
|
| Back to top |
|
|
| McueMart |
| Posted: Tue Aug 05, 2014 5:40 am Post subject: |
|
|
Chevalier
Joined: 29 Nov 2011
Posts: 490
Location: UK...somewhere
|
If you are using Chrome, stick the "https://maps.googleapis.com/maps/api/timezone/xml?location=39.6034810,-119.6822510×tamp=1331766000" in your browser, click on the Green Padlock, click Connection -> Certificate information.
This should give you details about the signer certs etc you will need to trust. |
|
| Back to top |
|
|
| vdharanikota |
| Posted: Wed Aug 06, 2014 3:07 am Post subject: |
|
|
Novice
Joined: 07 Jul 2014
Posts: 18
|
Hi thank you for your response...
I have created a signer certificate name googlemaps for this url:https://maps.googleapis.com/maps/api/timezone/xml?location=39.6034810,-119.6822510×tamp=1331766000 and still I'm facing the same problem...
Then tried to configure SSL over HTTP with below commands...
ikeycmd -keydb -create -db D:\VDH\SSL\Chromegooglekeystorelatest.jks -pw ***** -type jks
ikeycmd -keydb -create -db D:\VDH\SSL\Chromegooglestruststorelatest.jks -pw ***** -type jks
ikeycmd -cert -add -db D:\VDH\SSL\Chromegooglestruststorelatest.jks -pw ***** -label MB8KCBCert -file D:\VDH\SSL\googleca.crt
mqsichangeproperties IB9NODE -o BrokerRegistry -n brokerKeystoreFile -v D:\VDH\SSL\Chromegooglekeystorelatest.jks
mqsichangeproperties IB9NODE -o BrokerRegistry -n brokerTruststoreFile -v D:\VDH\SSL\Chromegooglestruststorelatest.jks
mqsireportproperties IB9NODE -o BrokerRegistry -r
mqsistop IB9NODE
mqsisetdbparms IB9NODE -n brokerKeystore::password -u ignore -p *****
mqsisetdbparms IB9NODE -n brokerTruststore::password -u ignore -p *****
mqsistart IB9NODE
mqsireportproperties IB9NODE -o BrokerRegistry -r
mqsichangeproperties IB9NODE -b httplistener -o HTTPListener -n enableSSLConnector -v true....
Did I miss any other commands ? please suggest me... thanks in advance.
Last edited by vdharanikota on Wed May 04, 2016 12:23 am; edited 1 time in total |
|
| Back to top |
|
|
| Vitor |
| Posted: Wed Aug 06, 2014 4:36 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| vdharanikota wrote: |
| I have created a signer certificate name googlemaps for this url:https://maps.googleapis.com/maps/api/timezone/xml?location=39.6034810,-119.6822510×tamp=1331766000 and still I'm facing the same problem... |
You've forged a certificate for Google Maps and wonder why it still doesn't work? 
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| vdharanikota |
| Posted: Wed Aug 06, 2014 5:48 am Post subject: |
|
|
Novice
Joined: 07 Jul 2014
Posts: 18
|
After creating signer certificate and configuring SSL also, I'm getting the same errors... I dont know where I was wrong... do I need to change my esql code please suggest me I'll try... from the last one week I was stuck up with this problem
Errors
1.A Web Service request has detected a SOCKET error whilst invoking a web service located at host &1, on port &2, on path &3.
2.An error occurred whilst performing an SSL socket operation
3.Connection refused: connect
Even when I was tried to call the same webservice statically by placing this url: https://maps.googleapis.com/maps/api/timezone/xml?location=39.6034810,-119.6822510×tamp=1331766000 in HTTP Requst webservice URL also, I'm getting the same errors... |
|
| Back to top |
|
|
| mqjeff |
| Posted: Wed Aug 06, 2014 5:52 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
You need to GET the certificate from Google.
You can't CREATE one. |
|
| Back to top |
|
|
| Vitor |
| Posted: Wed Aug 06, 2014 5:55 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
As I and my most worthy associate have pointed out:
| vdharanikota wrote: |
| I dont know where I was wrong |
It's here:
| vdharanikota wrote: |
| After creating signer certificate |
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| vdharanikota |
| Posted: Wed Aug 06, 2014 6:00 am Post subject: |
|
|
Novice
Joined: 07 Jul 2014
Posts: 18
|
| I'm sorry... I have not created the certificate, which I was imported signer certificate on the given URL.. and added the certificate in the keystore and associated this keystore to the broker. |
|
| Back to top |
|
|
| Vitor |
| Posted: Wed Aug 06, 2014 6:13 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| vdharanikota wrote: |
| I'm sorry... I have not created the certificate, which I was imported signer certificate on the given URL.. and added the certificate in the keystore and associated this keystore to the broker. |
Ok.
Still not right.
Think about what you just said that you're doing, then think about the error you're getting, and then think about how that error ties to what you've configured.
Specifically think about this:
| McueMart wrote: |
| This should give you details about the signer certs etc you will need to trust |
and how what you've done doesn't achieve that.
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Wed Aug 06, 2014 6:44 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
Ok. You downloaded the certificate from Google.
You created a truststore and added the google cert to the truststore.
You configured the broker to know where the truststore is, and restarted.
You told the HTTPRequest node to use SSL and then tried to talk to Google.
That should be sufficient.
Have you verified that the Broker server can otherwise reach the Google server? There might be a firewall in the way. |
|
| Back to top |
|
|
| Vitor |
| Posted: Wed Aug 06, 2014 9:21 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| mqjeff wrote: |
You created a truststore and added the google cert to the truststore.
You configured the broker to know where the truststore is, and restarted.
|
The OP said "keystore" not "truststore".....
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Wed Aug 06, 2014 9:23 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| Vitor wrote: |
| mqjeff wrote: |
You created a truststore and added the google cert to the truststore.
You configured the broker to know where the truststore is, and restarted.
|
The OP said "keystore" not "truststore"..... |
| Quote: |
| mqsichangeproperties IB9NODE -o BrokerRegistry -n brokerTruststoreFile -v D:\VDH\SSL\Chromegooglestruststorelatest.jks |
 |
|
| Back to top |
|
|
| Vitor |
| Posted: Wed Aug 06, 2014 9:26 am Post subject: |
|
|
Grand High Poobah
Joined: 11 Nov 2005
Posts: 26093
Location: Texas, USA
|
| mqjeff wrote: |
| Vitor wrote: |
| mqjeff wrote: |
You created a truststore and added the google cert to the truststore.
You configured the broker to know where the truststore is, and restarted.
|
The OP said "keystore" not "truststore"..... |
| Quote: |
| mqsichangeproperties IB9NODE -o BrokerRegistry -n brokerTruststoreFile -v D:\VDH\SSL\Chromegooglestruststorelatest.jks |
|
Oh he's got a truststore - but which one did he add the signer certificate to?
_________________
Honesty is the best policy.
Insanity is the best defence. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Wed Aug 06, 2014 9:27 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| Vitor wrote: |
| mqjeff wrote: |
| Vitor wrote: |
| mqjeff wrote: |
You created a truststore and added the google cert to the truststore.
You configured the broker to know where the truststore is, and restarted.
|
The OP said "keystore" not "truststore"..... |
| Quote: |
| mqsichangeproperties IB9NODE -o BrokerRegistry -n brokerTruststoreFile -v D:\VDH\SSL\Chromegooglestruststorelatest.jks |
|
Oh he's got a truststore - but which one did he add the signer certificate to? |
| Quote: |
| ikeycmd -cert -add -db D:\VDH\SSL\Chromegooglestruststorelatest.jks -pw pr0ximaCent@uri -label MB8KCBCert -file D:\VDH\SSL\googleca.crt |
 |
|
| Back to top |
|
|
|
|
