Setting C# to always trust the certificate as per Kim's suggestion sounds
like the easiest option.
The approach is also described here:
http://www.c-sharpcorner.com/Blogs/BlogDetail.aspx?BlogId=3432
Alternatively, to disable SSL being required for API-M, in web.xml, find the
<security-constraint> section with <description>APIM</description> and
remove:
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
Back up your repository first though! And be aware that without SSL it
could be possible for a third party to intercept requests and determine the
credentials.
Steve
-----Original Message-----
From: Kim Shepherd [mailto:[email protected]]
Sent: 14 September 2010 22:59
To: Jim Kane
Cc: [email protected]
Subject: Re: [fcrepo-user] REST API trust relationship
Hi Jim,
I don't know for sure whether this will work for you, but here's an
alternative option I ended up trying out when working with APIA and APIM:
hacking your C# a bit so that it doesn't care so much about non-trusted
certificates.
You can delegate your own function to
ServicePointManager.ServerCertificateValidationCallback, which will bypass
all the usual trust checks and just do what you tell it to.
In my simple testing case, "return true" was good enough for me, but perhaps
you'd want to do some further checks to verify that it is the self-signed
cert you're expecting.
Example (before credentials are set and passed):
--
ServicePointManager.ServerCertificateValidationCallback = delegate { return
true; };
I never actually ended up using my weird little C# client for anything
except testing, and I used it with the SOAP services rather than REST, but I
think that trick might help you out somewhat if you don't want to purchase a
certificate and can live with the lack of validation (or some custom
validation you build yourself).
Cheers!
Kim
On 15 September 2010 04:37, Jim Kane <[email protected]> wrote:
Hi Steve
Thanks very much. Will that not revert ALL my settings and configurations?
We've got proai, gsearch etc installed and it'll be a faff to have to do
reconfigs on those, but if it's a necessary evil, so be it!
Sorry to be such a bother
Regards
JK
On 14 September 2010 17:16, Steve Bayliss
<[email protected]> wrote:
Hi Jim
If you go for a reinstall you can just point your new installation at your
existing datastore, SQL database etc - essentially the same process as an
upgrade here: https://wiki.duraspace.org/display/FCR30/Upgrading+from+3.x -
but you can ignore the instructions on rebuilding the resource index if
you're just reinstalling the same version.
So no need to re-ingest your content.
Regards
Steve
-----Original Message-----
From: West, Graeme [mailto:[email protected]]
Sent: 14 September 2010 17:01
To: Jim Kane
Cc: [email protected]
Subject: Re: [fcrepo-user] REST API trust relationship
Hi Jim,
I'm not certain. I think I remember reading that it's possible to do so
without reinstalling, but I can't find anything in server.xml, any of the
web.xmls or in fedora.fcfg that would suggest how.
But if anyone knows, they'll be on this list!
Graeme
On 14 Sep 2010, at 16:34, Jim Kane wrote:
cheers Graeme!
So I would need to make a completely new install for this to take effect
then?
Can I not just do a rebuild.sh?
On 14 September 2010 16:21, West, Graeme
<[email protected]<mailto:[email protected]>> wrote:
Hi Jim,
It looks like your Fedora is set to require SSL connections for API-M
requests. You can check this by looking for the 'apim.ssl.required' property
in $FEDORA_HOME//install/install.properties .
You can set this property to false using the Fedora installer. I think
there's also a way to change it on an existing install, but I'm not sure
exactly how.
Graeme West
Digital Repository Developer
Information Services
Glasgow Caledonian University
[email protected]<mailto:[email protected]><mailto:[email protected]
c.uk<mailto:[email protected]>>
On 14 Sep 2010, at 15:44, Jim Kane wrote:
Hi all
I am running Fedora 3.3 on centOS linux
I am currently trying to get back the result of getNextPid from the REST
API-M via an extremely simple C# program that makes a web request for
getNextPID.
The process returns the error "ERROR: The underlying connection was closed:
Could not establish trust relationship for the SSL/TLS secure channel."
I assume this is the result of using a (self signed) certificate for my
fedora implementation.
Basically, I would like to know the best approach to be able to call the
REST api without having to got through masses of X509Certificate stuff.
Any help would be much appreciated
Thanks in advance
Jim Kane
National Library of Scotland
Email has been scanned for viruses by Altman Technologies' email management
service<http://www.altman.co.uk/emailsystems>
----------------------------------------------------------------------------
--
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
Email has been scanned for viruses by Altman Technologies' email management
service -
www.altman.co.uk/emailsystems<http://www.altman.co.uk/emailsystems>
_______________________________________________
Fedora-commons-users mailing list
[email protected]<mailto:fedora-commons-us...@lists
.sourceforge.net>
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
Email has been scanned for viruses by Altman Technologies' email management
service -
www.altman.co.uk/emailsystems<http://www.altman.co.uk/emailsystems>
Glasgow Caledonian University is a registered Scottish charity, number
SC021474
Winner: Times Higher Education's Widening Participation Initiative of the
Year 2009 and Herald Society's Education Initiative of the Year 2009
http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en
<http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,e
n%0A.html>
.html
Email has been scanned for viruses by Altman Technologies' email management
service<http://www.altman.co.uk/emailsystems>
----------------------------------------------------------------------------
--
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
Email has been scanned for viruses by Altman Technologies' email management
service - www.altman.co.uk/emailsystems
_______________________________________________
Fedora-commons-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
Email has been scanned for viruses by Altman Technologies' email management
service - www.altman.co.uk/emailsystems
Glasgow Caledonian University is a registered Scottish charity, number
SC021474
Winner: Times Higher Education's Widening Participation Initiative of the
Year 2009 and Herald Society's Education Initiative of the Year 2009
http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,en
<http://www.gcu.ac.uk/newsevents/news/bycategory/theuniversity/1/name,6219,e
n%0A.html>
.html
----------------------------------------------------------------------------
--
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________
Fedora-commons-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
----------------------------------------------------------------------------
--
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________
Fedora-commons-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
------------------------------------------------------------------------------
Start uncovering the many advantages of virtual appliances
and start using them to simplify application deployment and
accelerate your shift to cloud computing.
http://p.sf.net/sfu/novell-sfdev2dev
_______________________________________________
Fedora-commons-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/fedora-commons-users
