Every now and then I take a look to Web Service implementation in Domino Designer, especially since Designer allows us to develop Web Service Providers using LotusScript or Java.
I don't know if Web Services are or will be successfully, but for sure I like the big picture surrounding them.
Some times ago I tried to consume a Web Service from Jajah voip company: first I tried using LS, but later I had to use Java to overcome LS limitations about name length limits.
Unfortunately even with Java I found problems because the Web Service had to be consumed over a SSL channel (HTTPS) but the remote web server certificate was a self-certified one, so my script simply crashed because the certificate was not trustable... I could not find an easy way to trust/import the that web server certificate.
I gave up with it and decided to use MS Soap client via COM object in a LS agent, successfully. Shame... ;-)
Today I tried for the first time to have a look back to the subject, so on VMware box I installed a brand-new Domino 8.5.1 server with a running self-certified web server certificate.
After that, I published a "calculator" Web Service with just a SUM() function available, just using a LS class.
On the "client" side, I used Designer 8.5.1 to consume that "remote" web service:
- I created a Web Service consumer choosing Java as programming language and specifying the remote WSDL file via a HTTPS url
- I also created a Java agent and imported the previous Java classes generated by the Web Service Consumer procedure, just to run a remote SUM function
When I tried step 1 to retrieve the WSDL file of the remote web server, I was surprised to see a pop-up window asking me to cross-certify the Internet certificate!
Of course I accepted to cross-certify it and run the client Java agent to consume the remote Web Service via https. I worked!
Ok, I decided to have a look inside the local names.nsf, inside the Certificates view and I could find the following entry:
Well, I decided to remove the certificate and run my Web Service consumer again: as expected, I got the following error on my Designer Java console:
faultString: Error connecting to 'ced75temp.ciemme.loc' on port '443', SSL invalid certificate, may need to cross-certify.
Error connecting to 'ced75temp.ciemme.loc' on port '443', SSL invalid certificate, may need to cross-certify.
at lotus.domino.axis.InternalFault.makeFault(Unknown Source)
at lotus.domino.axis.transport.http.HTTPSender.invoke(Unknown Source) .......
Well, I decided to make another test:
- I removed the certificate from the local names.nsf
- I run the wizard to import the Web Service WSDL file and try to force the Designer to show (once again) the Internet cross-certificate pop-up window
So, how to "manually" cross-certifiy an Internet certificate?
After some googling I find out the IBM following page and followed instructions from paragraph "From an Internet server": finally I could successfully run my client Java agent consuming the remote Web Service.
Follow what I did in the following screen shots
Have fun and let me know if it's working for you too.