Problem TLS 1.2 with Microsoft XMLHTTP(server)

Discussion forum about all things Gupta, OpenText and the community.
xenox75
Italy
Posts: 22
Joined: 11 Oct 2018, 14:42
Location: Italy

Problem TLS 1.2 with Microsoft XMLHTTP(server)

Post by xenox75 » 17 Nov 2020, 18:19

Bye,

I am using the Microsoft XMLHTTP(server) method to connect to an external link in POST mode.

From local works well, on the Citrix server immediately error...

It would seem that the destination url has no blocks or filters and that at least TLS 1.2 communication is needed...

Do you know if it is something that must be set on the Server or if on the call I can set TLS 1.2?

This is how the call is made:

Code: Select all

Set sRequest_Url = sURL
Set sRequest_Action = "POST"
Set sRequest_Input = sJSON_Input
Set sStatus = ""
Set dfErrori = ""
!
Set sPROXY_Valore = dfProxy
If (nWSPBLNexi_PROXY_Timeout <= 0)
	Set nPROXY_Timeout = 10000 ! 10000 = 10 Secondi
Else
	Set nPROXY_Timeout = nWSPBLNexi_PROXY_Timeout
!
! Disable Gupta error messageboxes. We handle the errors ourselves
Call SalActiveXAutoErrorMode( FALSE )
!
If uHTTP.Create( )
	! Set synchronous call
	Call uVariantAsync.SetBoolean( FALSE )
	! No user/password needed, so make optional
	Call uVariantUser.MakeOptional(  )
	Call uVariantPassword.MakeOptional(  )
	!
	! Imposto Timeout Chiamata
	Call uHTTP.setTimeouts( nPROXY_Timeout, nPROXY_Timeout, nPROXY_Timeout, nPROXY_Timeout )
	! Setto Parametri PROXY
	If cbProxy
		Call uVariantProxyServer.SetString( sPROXY_Valore )
		Call uVariantProxyBypasslist.MakeOptional(  )
		Call uHTTP.setProxy( 2, uVariantProxyServer, uVariantProxyBypasslist )
		Set dfErrori = "PROXY SET - "
	!
	If uHTTP.open( sRequest_Action, sRequest_Url, uVariantAsync, uVariantUser, uVariantPassword )
		! Now set the JSON in the body
		Call uVariantBody.SetString( sRequest_Input )
		!
		! Set the HTTP header properties
		Call uHTTP.setRequestHeader( 'Content-Type', 'application/json' )
		Call uHTTP.setRequestHeader( "Accept", 'application/json' )
		Call uHTTP.setRequestHeader( "Accept-Encoding", 'gzip,deflate' )
		Call uHTTP.setRequestHeader( "Connection", 'Keep-Alive' )
		!
		Set dfErrori = dfErrori || "Open OK - "
		!
		! Do execute the service
		If uHTTP.send( uVariantBody )
			! Get the status of the call
			Call uHTTP.PropGetstatus( nStatus )
			Call uHTTP.PropGetstatusText( sStatus )
			! Set dfStatus = sStatus || " (" || SalNumberToStrX( nStatus, 0 ) || ")"
			Set sStatus  = sStatus || " (" || SalNumberToStrX( nStatus, 0 ) || ")"
			Set dfErrori = dfErrori || "Send OK - "
			!
			! Get the header info => Commento non serve
			! Call uHTTP.getAllResponseHeaders( sHeaders )
			! Display the header info => Commento non serve
			! Set mlResponse = sHeaders
			!
			! Get the response document
			Call uHTTP.PropGetresponseText( sJSON_Output )
			!
			! Display the response on GUI
			! Set mlResponse = mlResponse || "
					RISPOSTA:
					" || VisStrSubstitute( sResponseText, "}", "}
					" )
		Else
			Set sStatus = "Error send"
			Call uHTTP.GetLastError( oErrore )
	Else
		Set sStatus = "Error opening"
		Call uHTTP.GetLastError( oErrore )
	!
	! Detach/release the object
	Call uHTTP.Release( )
Else
	Set sStatus = "Error create XMLHTTP60"

thanks

Dave Rabelink
Founder/Site Admin
Founder/Site Admin
Netherlands
Posts: 3145
Joined: 24 Feb 2017, 09:12
Location: Gouda, The Netherlands

Re: Problem TLS 1.2 with Microsoft XMLHTTP(server)

Post by Dave Rabelink » 18 Nov 2020, 07:39

Maybe try this. See:

https://markohoven.com/2020/03/06/msxml ... nd-tls1-2/


'force TLS 1.2
XMLServer.Option(9) = 2048
XMLServer.Option(6) = True
Regards,
Dave Rabelink

Image
Articles and information on Team Developer Tips & Tricks Wiki
Download samples, documents and resources from TD Sample Vault
Videos on TDWiki YouTube Channel

EWetzel
Germany
Posts: 262
Joined: 07 Mar 2017, 12:08
Location: Germany

Re: Problem TLS 1.2 with Microsoft XMLHTTP(server)

Post by EWetzel » 18 Nov 2020, 07:41

Hi,

maybe check this:

control panel -> internet options -> extended -> TLS 1.2#
TLS12.png
Enrico
You do not have the required permissions to view the files attached to this post.

Gideon Schulter
Site Admin
Site Admin
Netherlands
Posts: 21
Joined: 07 Mar 2017, 08:46
Location: Lelystad, The Netherlands

Re: Problem TLS 1.2 with Microsoft XMLHTTP(server)

Post by Gideon Schulter » 18 Nov 2020, 15:16

Hi,

You might want to check whether supprt for TLS v1.2 is enabled on your server (it might be disabled by default).
Make sure following registry-keys have been set:

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Server]
"Enabled"=dword:ffffffff

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\TLS 1.2\Client]
"Enabled"=dword:00000001
Best regards,

Gideon Schülter
Lelystad - The Netherlands

Image

xenox75
Italy
Posts: 22
Joined: 11 Oct 2018, 14:42
Location: Italy

Re: Problem TLS 1.2 with Microsoft XMLHTTP(server)

Post by xenox75 » 20 Nov 2020, 14:39

Hi EWetzel
on control panel -> internet options -> extended -> TLS 1.2#
TLS 1.2 is enabled

I also tried to disable it and it works the same, I think it doesn't use the internet explorer setting, but the S.O. setting.

xenox75
Italy
Posts: 22
Joined: 11 Oct 2018, 14:42
Location: Italy

Re: Problem TLS 1.2 with Microsoft XMLHTTP(server)

Post by xenox75 » 20 Nov 2020, 14:39

hi Gideon Schulter,

On my client (Windows 10) where it already works I don't have the entry "TLS 1.2" under "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SecurityProviders\SCHANNEL\Protocols\",
How can I force it disabled to see if it gives me error like on the server?

xenox75
Italy
Posts: 22
Joined: 11 Oct 2018, 14:42
Location: Italy

Re: Problem TLS 1.2 with Microsoft XMLHTTP(server)

Post by xenox75 » 20 Nov 2020, 15:01

Hi Dave Rabelink,

To set the options I have this method
Call uHTTP.setOption( Number, Object )

Object is Variant type, as it should be set:
XMLServer.Option(9) = 2048
XMLServer.Option(6) = True

Code: Select all

Call uVariantOptionTLS_num.SetNumber( 2048, VT_I4)
Call uVariantOptionTLS_bol.SetBoolean( TRUE )
Call uHTTP.setOption( 9, uVariantOptionTLS_num )
Call uHTTP.setOption( 6, uVariantOptionTLS_bol )
thanks

xenox75
Italy
Posts: 22
Joined: 11 Oct 2018, 14:42
Location: Italy

Re: Problem TLS 1.2 with Microsoft XMLHTTP(server)

Post by xenox75 » 20 Nov 2020, 18:30

I was able to block the TLS 1.2 from the registry by setting "TLS 1.2" and then "Enabled" = "0".
But disabled there if I then try to force it from application does not work, perhaps the setting of the S.O. prevails.

Return to “General Discussion”

Who is online

Users browsing this forum: [Ccbot] and 0 guests