Accessing a TLS1.2 web server from Omnis Studio 5 on Windows 10

Mike Matthews - Omnis omnis at lineal.co.uk
Mon Sep 14 13:04:34 EDT 2020


I had the same issue.  From bad memory, it was the weshared.u_lib file that was reworked for v5.2, all of this is fine for v8 onwards, maybe v6 as well.

This is one the issues we find, unless you are on the latest version, these new security protocols will stuff you right up for older versions of Studio.

Rightly so, but if you don’t need to talk to the outside world, older versions will continue to work.

Mike


[Lineal Software Solutions]         <http://www.lineal.co.uk>

[Twitter]<https://twitter.com/linealsoftware> [Facebook] <https://www.facebook.com/linealsoftware?fref=ts&ref=br_tf>  [Google +] <https://plus.google.com/112982815000763473226/about>  [LinkedIn] <https://www.linkedin.com/company/1859834?trk=tyah&trkInfo=clickedVertical%3Acompany%2Cidx%3A1-1-1%2CtarId%3A1437729256906%2Ctas%3Alineal%20s>

[https://s3.amazonaws.com/htmlsig-assets/spacer.gif]

Mike Matthews
omnis at lineal.co.uk<mailto:omnis at lineal.co.uk>

Lineal Software Solutions
01271 375999
Commercial House, The StrandBarnstaple, Devon, EX31 1EU
www.lineal.co.uk<http://www.lineal.co.uk>


[http://www.lineal.co.uk/stuff/EmailSig/MicrosoftPartner.png]<http://www.lineal.co.uk/windows-support/> [http://www.lineal.co.uk/stuff/EmailSig/Office_365.png] <http://www.lineal.co.uk/microsoft-office-365/>  [http://www.lineal.co.uk/stuff/EmailSig/Cisco.png] <http://www.lineal.co.uk/wifi-networks/>  [http://www.lineal.co.uk/stuff/EmailSig/Meraki.png] <http://www.lineal.co.uk/wifi-networks/>  [http://www.lineal.co.uk/stuff/EmailSig/Dell.png] <http://www.lineal.co.uk/it-systems/>  [http://www.lineal.co.uk/stuff/EmailSig/Gamma.png] <http://www.lineal.co.uk/gamma-horizon-voip/>  [http://www.lineal.co.uk/stuff/EmailSig/Kerio.png] <http://www.lineal.co.uk/kerio/>  [http://www.lineal.co.uk/stuff/EmailSig/Apple.png] <http://www.lineal.co.uk/apple-upgrades-repairs/>  [http://www.lineal.co.uk/stuff/EmailSig/Eset.png] <http://www.lineal.co.uk/eset-security-software/>  [http://www.lineal.co.uk/stuff/EmailSig/mitel.png] <http://www.lineal.co.uk/shoretel/>




On 14 Sep 2020, at 14:10, Doug Easterbrook <doug at artsman.com<mailto:doug at artsman.com>> wrote:

hi Dik:

we got it working with Studip 5.2.3.x

it required some new components from Omnis support that linked in different SSL libraries, which we received as part of ODPP.  WE absolutely required those to connect to Credit card companies as part of PCI compliance since they need TLS 1.2 or later connections

For Mac, this was some web components that linked to the built in Mac security libraries

For windows, as I recall, it linked into something in the OS as well.   Exactly what, I don’t recall since this was about 6 years ago.


If my memory serves me right,  Omnis support did something with the omnis 6.1  ->  32 bit wesecure and weshared libraries in the omnis directory and back compiled them for studio 5.2.3



This patch still works on windows 10 and OSX  Mojave as I can still connect to TLS 1.2 sites



64 bit windows openssl will not work (since studio 5 is only 32 bit).




Doug Easterbrook
Arts Management Systems Ltd.
mailto:doug at artsman.com
http://www.artsman.com
Phone (403) 650-1978

On September 14, 2020, at 3:50 AM, Dik Langan <DikLangan at hotmail.com> wrote:

Hi all,

On the Omnis forum I found a OmnisDev reply by Doug Easterbrook which appears to come close to answering the issue I have but having installed OpenSSL I am getting errors when trying to call a web service hosted on an HTTPS server using TLS 1.2 from my Omnis Studio 5 code on Windows 10 so I think I am missing something.

The reference conversation is here: "https://forum.omnis.net/omnislist/httpget-request-secure-requests-5" and I have followed the steps (even tried installing the Win32 and Win64 versions of OpenSSL) and whilst the errors are different they all have the same cause by the look of it - I get:

WebDevGetSecureError = 3020:error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version:.\ssl\s23_clnt.c:658:

and

10084:error:1407742E:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version:.\ssl\s23_clnt.c:658:

with the obvious common message "SSL23_GET_SERVER_HELLO:tlsv1 alert protocol version". Now as I know the server I am connecting to is running TLS 1.2 I wonder if there is some way to configure OpenSSL that I am missing as it appears to be trying just "TLS 1"?

If there is anyone out there with experience of getting Omnis 5 to talk to a server running TLS1.2 I would love some help please.

Thanks

Dik.
_____________________________________________________________
Manage your list subscriptions at http://lists.omnis-dev.com
Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com

_____________________________________________________________
Manage your list subscriptions at http://lists.omnis-dev.com
Start a new message -> mailto:omnisdev-en at lists.omnis-dev.com



More information about the omnisdev-en mailing list