com.HttpRequest.setVerifyServer

Defines if certificates for applications or services are validated on each request.

Syntax

setVerifyServer(
   val BOOLEAN )
  1. val specifies TRUE or FALSE.

Usage

The setVerifyServer() method allows you to specify if certificates for applications or services run by the server are validated or not at each request.

For example, if set to FALSE, once the server has been validated against the local certificate authority, no additional request is performed to validate certificates for applications or services run by the server. Default value is TRUE (certificate validation is done for all requests for HTTPS applications or services).
Warning: Using unsafe SSL connections

Setting setVerifyServer(FALSE) has security implications. It can be used in development but should not be used in production.

When you use setVerifyServer(), you automatically override FGLPROFILE entries for security.global.verifyserver and ws.idws.verifyserver. To return to using settings in the FGLPROFILE entries, you must use the corresponding clearVerifyServer() method.

Example

IMPORT com

MAIN
    DEFINE req com.HttpRequest
    DEFINE resp com.HttpResponse

    LET req = com.HttpRequest.Create("https://myserver/")
    CALL req.setMethod("GET")
    CALL req.setCertificateAndKey("client.crt","client.key")
    CALL req.setCipher("AES128-SHA256")
    CALL req.setVerifyServer(FALSE)
    TRY
        CALL req.doRequest()
        LET resp = req.getResponse()
        DISPLAY resp.getStatusCode()
        DISPLAY resp.getTextResponse()
    CATCH
        DISPLAY "ERROR :",status||" ("||sqlca.sqlerrm||")"
        EXIT PROGRAM -1
    END TRY
END MAIN

FGLPROFILE must have the Certificate Authority setting:

security.global.ca ="ca.crt"

In case of error, the method throws an exception and sets the status variable. Depending on the error, a human-readable description of the problem is available in the sqlca.sqlerrm register. See Error handling in GWS calls (status).