We have a PHP application which allows users to upload files to a non-PeopleSoft server via HTTPS. The PHP application then uses a synchronous web service to tell PeopleSoft there's a file to be picked up. We want PeopleSoft to then transfer that file into a database table. The web service handler uses Application Package peoplecode. (Tools 8.51.17). We think that we need to use GetAttachment() to transfer the file from the non-PeopleSoft server to the PeopleSoft Application server, and then PutAttachment() to transfer the file from the app server to the database table.
The issue we're having is getting GetAttachment() to work via HTTPS. We've created a URL Definition with the URL "https://www83-test.somedomain.edu:473". The URL works fine in a web browser. The System and Server Administration Peoplebook, URL Maintenance topic says...
"*Working with HTTP/HTTPS*
HTTP/S file transfer requires the http/https repository available (file storage location). The repository can either be on a PeopleSoft web server or non-PeopleSoft server. The PeopleSoft Internet Architecture provides a handler servlet (psfiletranfer) to handle the requests. *If you use a non-PeopleSoft web server you need to create a handler for non-PeopelSoft (sic) servers/repositories*." Does anybody have any idea what this means and how we go about creating said handler? (If it's actually required... I don't automatically believe everything I read in Peoplebooks. ;-)
Our tech guys have installed the PHP server's SSL certificate on our app server I think (I'm out of my depth here). When we try to use GetAttachment() without any URL properties set or any non-PeopleSoft handler set up (that we're aware of), we get the following errors...
Trace file says...
146: &AttachReturn = GetAttachment(URL.GU_OE_HTTP, &lStrUserFileName, &lStrAttachSysFileName, "PS_SERVDIR");
EvalGetAttachment: processed URL catalog entry.
IsURLValid: masked specified FTP URL = https://www83-test.somedomain.edu:473/
IsDirValid: specified URL = https://www83-test.somedomain.edu:473/STEPHENs_list.docx
EvalGetAttachment: dereferenced third parameter = STEPHENs_list~2013-01-16-130842817.docx
EvalGetAttachment: environment variable PS_SERVDIR resolves to e:\psoft8\HE900D9\appserv\HE90D9
EvalGetAttachment: local file = e:\psoft8\HE900D9\appserv\HE90D9\STEPHENs_list~2013-01-16-130842817.docx
ExecuteGetAttachment: starting, e:\psoft8\HE900D9\appserv\HE90D9\STEPHENs_list~2013-01-16-130842817.docx.
ExecuteGetAttachment: filtered name.
PSCurlFileTransferSession: Properties for file transfer object are set succesfully.
PSCurlFileTransferSession: Download : Target Location - e:\psoft8\HE900D9\appserv\HE90D9\STEPHENs_list~2013-01-16-130842817.docx.
PSCurlFileTransferSession: Download : Properties set.
PSCurlFileTransferSession: Download : File Transfer Failed : FTP library Error code : 35 - SSL connect error
ExecuteGetAttachment: Return code : 8
PSCurlFileTransferSession: Destructing the file transfer library object.
EvalGetAttachment (error): return code (8) indicates attempt to download file from storage failed.
EvalGetAttachment: finishing and returning 8.
File Transfer Log file says...
* About to connect() to www83-test.somedomain.edu port 473 (#0)
* Trying 188.8.131.52... * connected
* Connected to www83-test.somedomain.edu (184.108.40.206) port 473 (#0)
* error:140770FC:SSL routines:SSL23_GET_SERVER_HELLO:unknown protocol
* Closing connection #0
* SSL connect error
It doesn't appear to give any more info than the other trace/log files. Here's an example...
WebServiceUserName@JavaClient IntegrationSvc](0) While processing where:
WebServiceUserName@JavaClient IntegrationSvc](0) specified (masked) URL = "https://www83-test.somedomain.edu:473/".
WebServiceUserName@JavaClient IntegrationSvc](0) specified system file name = "STEPHENs_list.docx".
WebServiceUserName@JavaClient IntegrationSvc](0) specified local file name = "STEPHENs_list~2013-01-16-130842817.docx".
WebServiceUserName@JavaClient IntegrationSvc](0) EvalGetAttachment (error): return code (8) indicates attempt to download file from storage failed.
Do you have any log files on the non-PeopleSoft server (www83-test.somedomain.edu) that you can look at? From PeopleBooks > PeopleTools > PeopleCode Built-in Functions a return code of 8 from getattachment means:
Unable to login to destination system for FTP.
The following are some possible situations where %Attachment_DestSysFailedLogin could be returned:
Unsupported protocol specified.
Access denied to server.
Failed to connect using SSL Failed to verify the certificates.
Failed due to problem in certificates used.
Could not authenticate the peer certificate.
Failed to login with specified SSL level.
Remote server denied logon.
Problem reading SSL certificate.
You may need to set some of the URL properties (as described in the URL Maintenance PeopleBook you mentioned in your first post) for the SSL connection to work property.
Thanks J R, your reply got me thinking some more. I tried to set the SSLUSAGELEVEL URL property to 1 and got an error saying I needed to set the CERTALIAS property. This led me to the Digital Certificates page, where one of our techs had loaded the SSL certificate. The peoplecode/sql trace showed an error retrieving the Certificate, which looks to be related to the certificate having been loaded with the wrong type (needs to be "Root CA")- meh, red herring. So we are making slow progress, the norm when you're trying to figure out how to do something new and there's no step-by-step guide on how to do it.
Your suggestion to check the log files on the non-PeopleSoft server is a good one too. although I don't think we're getting that far yet.
Update: The error is "LoadSSLCerts (error): Unable to Load the SSL Certificates from Database" - haven't been able to find any doco on this error via Google.
Edited by: Stephen Fenner on 16-Jan-2013 22:07
Edited by: Stephen Fenner on 16-Jan-2013 22:08
It's probably a question you can't answer seeing your initial post, but I have doubts about the certificate being properly loaded into PeopleSoft. The certificate has to be loaded into PeopleSoft itself (online), the Weblogic keystore and the JRE keystore.
Thank you for your contributions. We've decided to use SFTP instead of HTTPS as it's significantly easier to implement (with our current level of expertise) and can still be done in real time using the GetAttachment() function.