HTTP Request methods and HTTPS

Sreyroat_Seng · May 31, 2016, 8:38pm

Hello,

Can the HTTP Request methods as provided by the Lua engine of Orthanc make calls to rest endpoints that are HTTPS instead of HTTP?

For example, https://localhost.com:9080/endpoint

I get the following error:

E0531 … HttpClient.cpp:111] libCURL error: Problem with the SSL CA cert (path? access rights?)

Thanks!
Srey Seng

jodogne · June 8, 2016, 8:46am

Hello,

Yes, Lua can call HTTPS, but you have to properly configure Orthanc.

In the configuration file [1], carefully read the “HttpsVerifyPeers” and “HttpsCACertificates” options.

Please also note that as of Orthanc 1.0.0, you cannot connect against self-signed HTTPS certificates, even if “HttpsVerifyPeers” is set to “false”. This issue is now fixed in the mainline, and the fix will be part of Orthanc 1.0.1.

HTH,
Sébastien-

[1] https://orthanc.chu.ulg.ac.be/book/users/configuration.html

Sreyroat_Seng · June 8, 2016, 11:38pm

Great, setting “HttpsVerifyPeers” to “false” is working for me at this time.

Thanks!!
Srey Seng

Sreyroat_Seng · December 6, 2016, 10:32pm

Hello,

As a follow up:
When I use Orthanc docker mainline w/ plugins (20160205T173109), with the HttpsVerifyPeers set to false, Lua script can successfully make calls to HTTPS endpoint.
However, keeping everything the same, when I use Orthanc docker mainline w/ plugins (20161118T163419), Lua script cannot make calls to HTTPS endpoint, with the following error:

libCURL error: Problem with the SSL CA cert (path? access rights?)

So, in short, when I upgrade Orthanc docker mainline (20160205T173109) to Orthanc docker mainline (20161118T163419), calling https no longer works.
When I “downgrade” the code, call https works again.

Is there an updated method to enable calling of https endpoint in place of (or in addition to) setting HttpsVerifyPeers option to false?

Thanks!
Srey Seng

jodogne · December 7, 2016, 7:28am

Hello,

Please provide your full configuration file and your Lua script, so that the problem can be reproduced.

Regards,
Sébastien-

Sreyroat_Seng · December 7, 2016, 7:09pm

To be sure!

Attached is the configuration file used, and also sample lua script. In short, the configuration file is derived from the sample configuration from Orthanc docker mainline w/ plugins (20160205T173109), with updates to HttpsVerifyPeers, HttpsCACertificates, and postgres section added.

Additional note:
When I set HttpsVerifyPeers to true, and provide HttpsCACertificates, I am able to call HTTPS endpoint with Orthanc docker mainline w/ plugins (20160205T173109), but not when I upgrade to Orthanc docker mainline w/ plugins (20161118T163419). I continue to get the same libCURL error:

libCURL error: Problem with the SSL CA cert (path? access rights?)

Thanks!
Srey Seng

sample-notify.lua (338 Bytes)

orthanc.json (10.3 KB)

jodogne · December 13, 2016, 10:10am

Thanks! The issue is now fixed in the mainline:
https://bitbucket.org/sjodogne/orthanc/commits/262fcab240246d117e108e349f1e5eca77bf57e4

Regards,
Sébastien-

Sreyroat_Seng · December 14, 2016, 4:47am

This is working as expected for me now using latest Orthanc docker mainline w/ plugins (20161213T144656).

Thank you!!
Srey