Clovertech

http-client

Clovertech Forums Read Only Archives Cloverleaf Cloverleaf http-client

  • Creator
    Topic
  • October 7, 2011 at 4:11 pm #52741
    Todd Yingling
    Participant

      Hello,

      I have a vendor that needs immunization transactions sent to them real-time via http post.  Can I do this in a secure fashion with Cloverleaf 5.7?

      Right now, I’m using the fileset-local protocol to send the messages to a file.  I call a tcl proc that uses tclcurl to http post the messages to the vendor’s site.  I’m concerned on how secure this method really is.

      The vendor mentioned passing certificates; however, they can’t tell me any information about the certificate.  Shouldn’t they provide that information?

      Any help is appreciated.

      Thanks.

    • Creator
      Topic
    Viewing 5 reply threads
    • Author
      Replies
      • October 10, 2011 at 6:24 pm #75342
        Mike Campbell
        Participant

          We have several outgoing threads using the PROTOCOL:http-client

          Then we have the URL filled in which most likely will be an https:// address.

          Our setup is using the Headers:

        • October 10, 2011 at 6:52 pm #75343
          Jim Kosloskey
          Participant

            Todd,

            I suspect the trading partner is wanting HTTPS not HTTP which will require SSL. That needs a licensed add-on for Cloverleaf (costs $).

            As for certificates, ordinarily I would expect the vendor to converse regarding the certificate options.

            Straight HTTP is only as secure as the user name password combination (assuming one is used).

            email: jim.kosloskey@jim-kosloskey.com 29+ years Cloverleaf, 59 years IT - old fart.

          • October 10, 2011 at 9:31 pm #75344
            Charlie Bursell
            Participant

              All you are doing from the HTTP protocol is calling a Tcl script and passing it the NetConfig parameters.  You can then write or modify the supplied procedure to what you want.

              As for the certificate there are ways to get it.

              If you have an HTTPS URL you can go to the site using a browser.

              For example using IE8, once you get to the siye you will see a small picture of a lock in the same window as the URL.

              Click on the lock and the click “View Certificate”

              Click on Details and you will be able to copy the certificate to a file

              This may or may not help you.  You may need SSL or TLS AAuthentication keys as well.  our vendor *MUST* provide connection information

              Here is a good WIKI site:

              http://en.wikipedia.org/wiki/HTTP_Secure

            • February 7, 2012 at 6:21 pm #75345
              Gene Salay
              Participant

                With 5.8, is it still true that HTTPS functionality requires an additional license?

              • February 7, 2012 at 6:47 pm #75346
                Jim Kosloskey
                Participant

                  Gena,

                  As far as I am aware – yes – and that includes FTPS and SFTP as well I think.

                  email: jim.kosloskey@jim-kosloskey.com 29+ years Cloverleaf, 59 years IT - old fart.

                • February 7, 2012 at 9:22 pm #75347
                  Bob Richardson
                  Participant

                    Greetings,

                    Yes.  To turn on all the Secure Messenger modules you need to purchase an additional license for each server.  For 5.8 the SSH is part of the Secure Messenger module.

                    Contact your Customer Service representative for prices.

                    Hope this helps you out.

                • Author
                  Replies
                Viewing 5 reply threads
                • The forum ‘Cloverleaf’ is closed to new topics and replies.