cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

How to ignore/bypass SSL Certificate in Activity Custom Scripts (API call ) , SAP IRPA 2.0

Go to solution
staseeb
Active Participant

on ‎03-31-2021 9:39 AM

0 Kudos

Hello,

I am trying to POST a API request in my Automation under the activity Custom Script. But i am getting the error Hostname/IP does not match certificate's altnames: IP: **.**.***.*** is not in the cert's list:

i guess its related to SSL certificate, as same request posted perfectly on Postman.

I have tried to bypass/ignore it by sending an additional header in my request

insecure: true, but still facing same issues.

Any clues ?

Thanks

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

TJe
Product and Topic Expert
Product and Topic Expert
‎03-31-2021 11:43 AM
0 Kudos

can you please try to add this to the options:

https: { rejectUnauthorized: false }
or
rejectUnauthorized: false
Show replies
Show replies
staseeb
Active Participant
‎03-31-2021 12:49 PM
0 Kudos

Thanks thomas.jentsch ,

After adding the rejectUnauthorized: false , getting following error

TJe
Product and Topic Expert
Product and Topic Expert
‎03-31-2021 1:16 PM
0 Kudos

please try the other option also

staseeb
Active Participant
‎03-31-2021 1:27 PM
0 Kudos

Yes i tried with

https: { rejectUnauthorized: false }

Still same SSL error , let me tell you that, the URL contain the local IP, which is accessible from the Local Machine where Desktop Agent is running.

Same Request working fine on Postman, AFTER DISABLING SSL CERTIFICATION VERIFICATION.

Is there any header to Bypass the SSL, like we can do it in C# .

Thanks Alot

TJe
Product and Topic Expert
Product and Topic Expert
‎03-31-2021 2:12 PM
0 Kudos

found another option entry that may help:

requestCert: false
staseeb
Active Participant
‎04-01-2021 6:07 AM
0 Kudos

same Error, any other hints?

Answers (4)

Answers (4)

TJe
Product and Topic Expert
Product and Topic Expert
‎04-06-2021 1:14 PM
0 Kudos

So the final solution was to use both settings in the options ?

https:{ rejectUnauthorized: false },
cryptoCredentialsDetails: { minVersion: 'TLSv1' }
Show replies
Show replies
staseeb
Active Participant
‎04-06-2021 1:33 PM

we have done 2 things

  1. Added https: { rejectUnauthorized: false } to request.
  2. IT has uploaded the SSL in Service Layer.

Thanks

Taseeb Saeed

staseeb
Active Participant
‎04-06-2021 8:49 AM
0 Kudos

Dear thomas.jentsch,

Thanks for your answer, i have added https: { rejectUnauthorized: false }

and here is the error which i am facing now SSL routines:ssl_choose_client_version:unsupported protocol:c:\ws\deps\openssl\openssl\ssl\statem\statem_lib.c:1942:


Thanks

Show replies
Show replies
staseeb
Active Participant
‎04-05-2021 11:42 AM
0 Kudos

thomas.jentsch

Any Help ?

Show replies
Show replies
TJe
Product and Topic Expert
Product and Topic Expert
‎04-06-2021 7:53 AM
0 Kudos

I have just tested HTTPS with my SAP BusinessObject server.

  1. before adding https: { rejectUnauthorized: false } to the options the request failed with Error: self signed certificate in certificate chain
  2. adding https: { rejectUnauthorized: false } the request worked fine
  3. another finding is, that https: { rejectUnauthorized: false } must be added to each request

logon request

const options = {
    resolveBodyOnly: true,
    responseType: 'json',
    url: pSession.accessURL + 'logon/long',
    method: 'POST',
    headers: {
        'Accept': 'application/json',
        'Content-Type': 'application/json'
    },
    body: JSON.stringify({
        'password': pSession.logonParameters.password,
        'clientType': '',
        'auth': pSession.logonParameters.authentication,
        'userName': pSession.logonParameters.username
    })
};
const response = await irpa_core.request.call(options);
pSession.logonToken = response.logonToken;

group request

const options = {
    resolveBodyOnly: true,
    responseType: 'json',
    url: pSession.accessURL + '/v1/usergroups/usergroup',
    method: 'POST',
    headers: {
        'Accept': 'application/json',
        'Content-Type': 'application/json',
        'X-SAP-LogonToken': pSession.logonToken
    },
    https: { rejectUnauthorized: false },
    body :  JSON.stringify({
        'name': name
    })
};
const response = await irpa_core.request.call(options);
TJe
Product and Topic Expert
Product and Topic Expert
‎04-06-2021 9:22 AM
0 Kudos

found some information in google, searched for 'SSL routines:ssl_choose_client_version:unsupported protocol:c:\ws\deps\openssl\openssl\ssl\statem\statem_lib.c:1942' .

  • One was use encrypt:false in options
  • seems another and better one could be cryptoCredentialsDetails: { minVersion: 'TLSv1' }

not sure this helps, but you may find more information here: The https.request() make error 'ERR_SSL_UNSUPPORTED_PROTOCOL' with Node V12.2.0

former_member268378
Active Participant
‎03-31-2021 10:47 AM
0 Kudos

Dear Taseeb,

You may refer to the answer posted in Irpa-2.0-call-webservice

Hopefully this will help.

Thanks & Regards,

Deepty

Show replies
Show replies
staseeb
Active Participant
‎03-31-2021 11:31 AM
0 Kudos

Dear ,

I am using the same way, my script is as follows, but its still giving the same error

const options = {
 resolveBodyOnly: true,
 responseType: 'json',
 url: pSession.accessURL,
 method: 'POST',
 insecure: true,
 headers: {
 'Accept': 'application/json',
 'Content-Type': 'application/json'
 },
 body: JSON.stringify({
 'api_password': pSession.logonParameters.password,
 'api_username': pSession.logonParameters.username,
 'key': pSession.logonParameters.key
 })
};
const response = await irpa_core.request.call(options);
pSession.logonToken = response.access_token;

Ask a Question