HTTPS GET/POST - CONNECTION CLOSED BY REMOTE HOST

Kumar_Kumar · January 24, 2014, 10:51pm

Hi All,

I need some help regarding the https method of connecting to a partner. Here is the problem we’re facing. we have a trading partner and we installed their .cer certificate in our dev system and when we invoke their https url with post/get, it is working fine.

But the same code is not working in our other environment, we have installed the same cert. It is now giving Connection closed by Remote Host error. Not able to get any return parameters back. Is this some kind of firewall issue/certificate authentication issue. we asked the partner whether they need our public cert, They said they do not need it. How to troubleshoot this issue, we have very limited help from firewall team etc.

Please point out any areas that I might have to look at to make sure those are correct. Are there any settings that I need to make sure as it is working fine in one of our environments?

Any help is much appreciated.
Regards,
Kumar.

rmg · January 24, 2014, 10:56pm

What is your IS version?

Yes normally that error means you need to troubleshoot both ends (having with network team on call) and probably you also need to raise the Logging level in the IS (SSL,Authentication,HTTP codes please expand the tree and set it to Debug or Trace)

Assuming you have installed the certs on the ports level (RI) under Security and Certificates same as configuration on your DEV as you sounds it worked fine.

HTH,
RMG

Kumar_Kumar · January 25, 2014, 2:02am

Hi RMG,

Our current version is 7.1.3.

Also, I noticed onething, when I change the url to http from https. It is now throwing com.wm.driver.comm.b2b.WmCommException: [[java.io.IOException: Proxy Authorization Required: Proxy Authentication Required] java.io.IOException: Proxy Authorization Required: Proxy Authentication Required] [java.io.IOException: Proxy Authorization Required: Proxy Authentication Required] java.io.IOException: Proxy Authorization Required: Proxy Authentication Required

The same kind of error is happening in DEV as well. Does this mean, there are no firewall issues? What is this proxy authorization means when we change it to http.

Thanks for your inputs.

Kumar_Kumar · January 27, 2014, 3:07pm

Hi RMG,

When I have increased the logging levels. I can see this message.

[2721]2014-01-27 09:07:17 EST [ISS.0012.0008T] Skipping authentication because session 3e12b700853d11e3bc6ebebcd18adcda contains user (ABCD).

Any thoughts?

Thanks for your inputs.

Rankesh_Kumar1 · January 27, 2014, 4:35pm

@Kumar,

You need to define HTTP/S proxies as Firewall is not allowing internet calls.

You may not have a proxy for HTTPS call in dev, but available in other environments.

Check with N/W admin.

Thanks,
Rankes

Kumar_Kumar · January 27, 2014, 7:31pm

Hi Rankes,

Thanks for your reply. I’ll check with our N/W team but looking at the Proxy Server settings we do have HTTP and HTTPS proxies defined.

Thanks.

rmg · January 27, 2014, 9:21pm

Please make sure you have all latest SrvrProtocol fixes on 713.

Also check this resolution if it helps in your case:

Resolution:

The exception indicate that the proxy server you are connecting to requires NTLM whereas IS is using Basic authentication.

You’ll need to check if your Proxy Server allows Basic authentication.

If Basic is not allow, turn on the NTLM on IS by using the WmWin32 package (IS Admin Guide).

However, this package is only supported in Windows OS, not on SunOS, Solaris, or UNIX.

Work around:
a. Open up the basic authentication profile in the proxy server.
b. Make use of the IS HTTP Reverse Gateway functionality by having the Gateway server as windows machine and the internal server as SunOS/Solaris/Unix.

Add -Djava.protocol.handler.pkgs=com.sun.net.ssl.internal.www.protocol to JAVA_MEMSET parameter in server.bat/server.sh and restart IS.

HTH,
RMG