New post
Question
· May 29, 2020

How to convert existing Http webservice to Https webservice

#SOAP #Caché

Hello!  I have basic web services application that c# clients connect to the cache web services.  Using the browser, the user enters in the following url.

http://localhost:57772/csp/user/%25SOAP.WebServiceInvoke.cls?CLS=Sample....

which runs a soap method called Add.   I am not sure how to add https  security to the web service calls.  I have reviewed documentation pertaining configuring SST/TTL configuration and other information.   Can somebody please help me out on what I need to do?   If I change the url  from http to https, the web service class will not work.  The web service class is similar to the following example.   Also if I configure SST/TTL in the configuration setting under management section, I am not sure how to add the information to the web service.

We also researched for SSL for a web service hosted by ISC back-end in documentation, But didn't find anything related to this.

Class Sample.Test Extends %SOAP.WebService
{

/// SOAP Namespace for the WebService
Parameter NAMESPACE = "http://tempuri.org";

/// Name of the WebService.
Parameter SERVICENAME = "SOAPTest";

Parameter SOAPHEADERS = "LicenseInfo:SOAP.LicenseInfo";

Method Add(Arg1 As %Integer, Arg2 As %Integer) As %Integer [ WebMethod ]
{
    Quit Arg1 + Arg2
}

}

Discussion (1)1
Log in or sign up to continue
Pierre-Yves Duq... · May 29, 2020

Hello Vikash!

The Apache Web Server that gets installed on port 57772 as part of the  InterSystems Caché/Ensemble/IRIS  installation  is designed to serve the System Management portal pages, allow the connection from the Atelier/VSCode IDEs.

This Web Server is not hardened, scalable of otherwise "production Ready". As such, the ssl module is not installed, no server certificate is installed, and it does not respond to https requests on any port.

The recommended way is to install a separate Web Server, (Apache, Microsoft IIS or Nginx), and additionally:

  • install and configure the InterSystems CSP gateway (also called the Web Gateway in InterSystems IRIS)
  • generate some Server Certificates for this (private and public keys), and load them in your Web Server. You will need some Recognized Certificate authority to issue this certificates if you need your server to be recognized as trusted by external browsers/clients.
  • Configure this web Server to respond to Https on a specific port (the default is 443)
  • maintain this web server up to date with the latest security patches.

The relevant documentation for this process depends on the webserver you choose, and the CSP Gateway/Web gateway installation documentation can be found on the InterSystems website:

https://docs.intersystems.com/irislatest/csp/docbook/Doc.View.cls?KEY=PAGE_WEB_GATEWAY
 

0 0