1. mike S
  2. PowerBuilder
  3. Wednesday, 3 August 2022 21:06 PM UTC

Help says that the DEFAULT is 0 which means to ignore all certificate errors.  Does that mean it does not check the certificate at all by default?

 

how do you have these clients validate the client cert?   Do you set the value to null?  

 

I think this was added in PB 2021

-------------------------------

 

IgnoreServerCertificate - - Objects and Controls (appeon.com)

 

IgnoreServerCertificate

Applies to

HTTPClientRestClientTokenRequestOAuthRequest

Description

When the IgnoreServerCertificate property is set with a value, the program will ignore certain type(s) of server certificate error when sending a request. The value can be one or a combination of one or more of the following values. The default value is 0.

  • 0 -- ignores all certificate errors

  • 1 -- ignores unknown certificate authentication (CA)

  • 2 -- ignores certificates whose date is invalid

  • 4 -- ignores certificates whose common name (CN) is invalid

  • 8 -- ignores certificates with incorrect usage

Kai Zhao @Appeon Accepted Answer Pending Moderation
  1. Thursday, 4 August 2022 07:04 AM UTC
  2. PowerBuilder
  3. # 1

Hi Mike,

Yes, the ignoreservercertificate defaulting to 0 means it does not check the certificate at all.

For the issue 'how do you have these clients validate the client? ', sorry that I do not quite understand this issue, could you help elaborate or give us a specific example?
Normally, the client only validates the server certificate. But In two-way authentication, the server also validates the client certificate. Please note that PowerBuilder 2022 starts supporting two-way authentication and allows setting the client certificate. Please refer to the article below for details.
https://docs.appeon.com/pb/whats_new/Supports_two-way_SSL_authentication.html

Regards,
Kai

Comment
  1. Kai Zhao @Appeon
  2. Friday, 5 August 2022 08:18 AM UTC
Hi Mike,

There’s no option to not ignore it right now. I will record it as a new enhancement/requirement request and will transfer it to our product team for consideration.

You can set it to ignore one type so it will validate all other types of certificates errors. If IgnoreServerCertificate is set to validate the server certificate, and if the validation fails, an error code will be returned by HTTPClient sendRequest function, please refer to the article below for details.

https://docs.appeon.com/pb2021/powerscript_reference/sendRequest_func.html

Regards,Kai

  1. Helpful
  1. mike S
  2. Friday, 5 August 2022 14:01 PM UTC
To be clear, what you are saying is:

1. powerbuilder ignores any and all certificate errors.

2. If you want it to do any validation at all on a certificate, we have to tell it to ignore a particular error?





What we need is the ability to specify what should happen if there is a cert error. One of which is to error if there is anything at all wrong with the certificate, which should be the default.









  1. Helpful
  1. Kai Zhao @Appeon
  2. Monday, 15 August 2022 00:52 AM UTC
1 Yes.

2 Yes.



There’s no option to NOT ignore any error right now. I will record it as a new enhancement/requirement request and will transfer it to our product team for consideration.
  1. Helpful
There are no comments made yet.
  • Page :
  • 1


There are no replies made for this question yet.
However, you are not allowed to reply to this question.
We use cookies which are necessary for the proper functioning of our websites. We also use cookies to analyze our traffic, improve your experience and provide social media features. If you continue to use this site, you consent to our use of cookies.