My postman request errors-out with status: 401 Unauthorized and "error_description": "proper client ssl certificate was not presented".
I have confirmed in both MMC and MS Edge that ADP certificate is installed - it shows-up in a list of certificates. The status of certificate reads - "This certificate is OK", "Windows does not have enough information to verify this certificate".
Can this cause the Postman error? What else should I pay attention to?
I'm following Making Your First API Call Using Postman directions and trying to request a bearer token from ADP.
Related
I am attempting to execute a request using the following:
Set httpRequest = CreateObject("WinHttp.WinHttpRequest.5.1") 'Was initially trying ServerXMLHTTP here
httpRequest.Open "POST", "<WSDL Endpoint Here>", False
httpRequest.Send payload
Instead, an error ("The certificate chain was issued by an authority that is not trusted." / 80090325) is being returned regardless of what I try.
Navigating to the WSDL in a web browser works fine and requests executed through SoapUI also succeed.
I have attempted to ignore server errors using the following but it doesn't seem to make a difference. I have also tried different versions of the ServerXMLHTTP object.
httpRequest.setOption 2, 13056
The chain of the certificate for the WSDL looks like [Company Root CA 1] > [Company Issuing CA 1] > [Cert for WSDL Site] and I have confirmed that the Company Root CA 1 certificate is installed under Trusted Root Certification Authorities for the Local Computer account.
I'm using [this][1] library to generate SSL certificates. My storage generates 4 files: certificate.pem, private_key.pem, chain.pem, and fullchain.pem.
I want to install this certificate in acquia cloud using their Rest API post endpoint to install ssl certificate. The payload looks like the following:
{
"legacy": 0,
"certificate": "pasted the content inside our certificate.pem",
"private_key": "pasted the content inside private_key.pem",
"ca_certificates": "pasted the content inside the fullchain.pem",
"label": "My New Cert"
}
When I send a request, I received an error to contact they api owner support, and searching around through the server log I came across this:
Error response: 500 (Internal Server Error). Error message: Site certificate CA chain certificates are out of order..
What exactly does this error mean by saying out of order?
I am a new user for Microsoft Flows.
I have a requirement for Connecting the Microsoft Flow with HTTP Request.
When connecting the HTTP Request, I am using the Client Certificate with the .pfx certificate file.
I am using the below format :
{
"type": "ClientCertificate",
"pfx": "aGVsbG8g...d29ybGQ=",
"password": "myPassword"
}
I am adding the pfx file in Base64 Encoding Format and Password in Plain Text format.
While running the Flow, I get the below error :
BadRequest. Http request failed with status code 'SecureChannelFailure'
and status message: 'The request was aborted: Could not create SSL/TLS secure
channel.'.
Please help me to resolve this issue and correct the SSL/TLS Secure Channel Error.
Thanks,
:)
Using SoapUI 5.2.1 with the SSL client cert configured...
A python request to the endpoint like so
import requests
HOST = 'https://HOST'
CERT_FILE = 'CERT.crt'
KEY_FILE = 'KEY.key'
ping_response = requests.get(HOST, cert=(CERT_FILE, KEY_FILE))
print(ping_response)
works fine, but when I turned the cert/key into a PFX or a java keystore and load it into SoapUI like so
http://geekswithblogs.net/gvdmaaden/archive/2011/02/24/how-to-configure-soapui-with-client-certificate-authentication.aspx
I run a request and get a 400 Bad Request response with a body of "No required SSL certificate was sent"
It seems that the client cert is not being sent. Is there another step to configuring SoapUI for client auth? Do I need to specifically link it to the project or request somewhere?
On our SharePoint 2010 farm we renewed our SSL certificate, and after renewal we started to get following error in Event Log
Event ID 8311
An operation failed because the following certificate has validation errors:\n\nSubject Name:
CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US\nIssuer Name: CN=SharePoint Root Authority, OU=SharePoint, O=Microsoft, C=US\nThumbprint: \n\nErrors:\n\n
RevocationStatusUnknown: The revocation function was unable to check revocation for the certificate.
Website is generally working with correct renewed certificate. Even Claims Authentication between SharePoint and custom security app is also working. But some of the SharePoint services are giving serious issues like search is not working and giving following error:
The requested service, 'http://server:32843/f6a9024b8bbe48ebae7e9ffc8f5809dd/SearchService.svc' could not be activated. See the server's diagnostic trace logs for more information.
Stack trace:
Server stack trace:
at System.ServiceModel.Channels.HttpChannelUtilities.ValidateRequestReplyResponse(HttpWebRequest request, HttpWebResponse response, HttpChannelFactory factory, WebException responseException, ChannelBinding channelBinding)
When I run Get-SPSite command in powershell I get following error
Get-SPSite : ID4257: X.509 certificate 'CN=SharePoint Security Token Service, OU=SharePoint, O=Microsoft, C=US' validation failed by the token handler.
I am not able to deactivate/activate any features on the server, it throws certificate error.
I have already tried following:
1. Recreating the local trust relationship using following commands
$rootCert = (Get-SPCertificateAuthority).RootCertificate
New-SPTrustedRootAuthority -Name "localNew" -Certificate $rootCert
2. Adding "SharePoint Root Authority" certificate to certificate store on each server in the farm, in mmc SharePoint certificates "SharePoint Security Token Service" certificate is displayed under "SharePoint Root Authority" certificate.
I had a similar issue, our symptom was
<EventID>8311</EventID>
...
<Data Name="string3">NotTimeValid: Unknown error.</Data>
the root cause was that the site was surfacing SSRS (on the same host) and it was the SSRS (which has a different binding engine to IIS) certificate had expired, but was being logged by SharePoint.