B2B Integration

We are trying to connect to an API to get an authorization token to use in subsequent API calls to get or post data. The url looks like https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature&timestamp=1667469087254&nonce=494700 where nonce is a random integer between 100000 and 1000000 and timestamp is the number of milliseconds since Jan 1, 1970. I have https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature in the partner profile along with the required SSL settings and certificates. I generate the timestamp and random integer in the BP and build the complete URL.
The error I get at the HTTP Post is:
HTTP reason phrase [Internal Error: Connection was closed from the perimeter side with error: CloseCode.READ_FAILURE]
I don't see anything in the HTTP Client logs that points to the problem.

Using POSTMAN or Invoke-WebRequest with PowerShell successfully returns a response so the API seems to be working just not with B2B. I have confirmed we can reach the host from our DMZ so that should not be an issue.

I have tried various versions of how much of the URL I put in the partner profile and how much I generate at runtime and they all fail. I have tried not using the partner profile in the HTTP Begin session and using the fully generated URL and it still fails.

We have successfully connected to other APIs with out this problem.

Has anyone see something like this before?  Is there some setting the API needs to change to make it work with B2B? 
Any advice is appreciated.

------------------------------
John Morrissey
------------------------------

#SupplyChain
#B2BIntegration

If you are using Sterling B2B Integrator v6.0 and above then you can use rest api client service. Following is the KC link for the same.

https://www.ibm.com/docs/en/b2b-integrator/6.0.2?topic=z-rest-api-client-service

------------------------------
Malagouda Patil
------------------------------

Original Message:
Sent: Thu November 17, 2022 12:43 PM
From: John Morrissey
Subject: Issues connecting to an API.

We are trying to connect to an API to get an authorization token to use in subsequent API calls to get or post data. The url looks like https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature&timestamp=1667469087254&nonce=494700 where nonce is a random integer between 100000 and 1000000 and timestamp is the number of milliseconds since Jan 1, 1970. I have https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature in the partner profile along with the required SSL settings and certificates. I generate the timestamp and random integer in the BP and build the complete URL.
The error I get at the HTTP Post is:
HTTP reason phrase [Internal Error: Connection was closed from the perimeter side with error: CloseCode.READ_FAILURE]
I don't see anything in the HTTP Client logs that points to the problem.

Using POSTMAN or Invoke-WebRequest with PowerShell successfully returns a response so the API seems to be working just not with B2B. I have confirmed we can reach the host from our DMZ so that should not be an issue.

I have tried various versions of how much of the URL I put in the partner profile and how much I generate at runtime and they all fail. I have tried not using the partner profile in the HTTP Begin session and using the fully generated URL and it still fails.

We have successfully connected to other APIs with out this problem.

Has anyone see something like this before?  Is there some setting the API needs to change to make it work with B2B? 
Any advice is appreciated.

------------------------------
John Morrissey
------------------------------

#SupplyChain
#B2BIntegration

Thank You for the suggestion. We are running 6.1.1. I tried to use the rest api client but it tells me the URL is not valid.  I am trying to find other examples to see what it does not like.

------------------------------
John Morrissey
------------------------------

Original Message:
Sent: Fri November 18, 2022 01:16 AM
From: Malagouda Patil
Subject: Issues connecting to an API.

If you are using Sterling B2B Integrator v6.0 and above then you can use rest api client service. Following is the KC link for the same.

https://www.ibm.com/docs/en/b2b-integrator/6.0.2?topic=z-rest-api-client-service

------------------------------
Malagouda Patil

Original Message:
Sent: Thu November 17, 2022 12:43 PM
From: John Morrissey
Subject: Issues connecting to an API.

We are trying to connect to an API to get an authorization token to use in subsequent API calls to get or post data. The url looks like https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature&timestamp=1667469087254&nonce=494700 where nonce is a random integer between 100000 and 1000000 and timestamp is the number of milliseconds since Jan 1, 1970. I have https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature in the partner profile along with the required SSL settings and certificates. I generate the timestamp and random integer in the BP and build the complete URL.
The error I get at the HTTP Post is:
HTTP reason phrase [Internal Error: Connection was closed from the perimeter side with error: CloseCode.READ_FAILURE]
I don't see anything in the HTTP Client logs that points to the problem.

Using POSTMAN or Invoke-WebRequest with PowerShell successfully returns a response so the API seems to be working just not with B2B. I have confirmed we can reach the host from our DMZ so that should not be an issue.

I have tried various versions of how much of the URL I put in the partner profile and how much I generate at runtime and they all fail. I have tried not using the partner profile in the HTTP Begin session and using the fully generated URL and it still fails.

We have successfully connected to other APIs with out this problem.

Has anyone see something like this before?  Is there some setting the API needs to change to make it work with B2B? 
Any advice is appreciated.

------------------------------
John Morrissey
------------------------------

#SupplyChain
#B2BIntegration

We had once the READ_FAILURE issue because of the supported TLS ciphers.
So you could check the supported TLS ciphers with ssllab and then check on SI if there is a match.

Best regards
Manuel

------------------------------
Manuel Frank
Integration Architect
Andreas STIHL AG & Co. KG
Waiblingen
------------------------------

Original Message:
Sent: Thu November 17, 2022 12:43 PM
From: John Morrissey
Subject: Issues connecting to an API.

We are trying to connect to an API to get an authorization token to use in subsequent API calls to get or post data. The url looks like https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature&timestamp=1667469087254&nonce=494700 where nonce is a random integer between 100000 and 1000000 and timestamp is the number of milliseconds since Jan 1, 1970. I have https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature in the partner profile along with the required SSL settings and certificates. I generate the timestamp and random integer in the BP and build the complete URL.
The error I get at the HTTP Post is:
HTTP reason phrase [Internal Error: Connection was closed from the perimeter side with error: CloseCode.READ_FAILURE]
I don't see anything in the HTTP Client logs that points to the problem.

Using POSTMAN or Invoke-WebRequest with PowerShell successfully returns a response so the API seems to be working just not with B2B. I have confirmed we can reach the host from our DMZ so that should not be an issue.

I have tried various versions of how much of the URL I put in the partner profile and how much I generate at runtime and they all fail. I have tried not using the partner profile in the HTTP Begin session and using the fully generated URL and it still fails.

We have successfully connected to other APIs with out this problem.

Has anyone see something like this before?  Is there some setting the API needs to change to make it work with B2B? 
Any advice is appreciated.

------------------------------
John Morrissey
------------------------------

#B2BIntegration
#SupplyChain

Thank you for the suggestion.  It looks like we support the same ciphers but I am not 100% sure. The SSLLABs site checks our server. Do you know if the same ciphers would be used for the B2B client or is that a different set?  If I look at the security properties file, the ciphers they support are not listed under the "weak", "strong", "All", or "CipherSuiteDefault" cipher suites settings. The only place they exist is under the "NISTCompliantCipherSuite". In our instance, the weak, strong, and all settings are commented out so I believe it is using the default set.  How this translates to the partner profile ssl setting where you can select weak, strong, or all for the cipher strength, I am not completely sure.

------------------------------
John Morrissey
------------------------------

Original Message:
Sent: Mon November 21, 2022 02:56 AM
From: Manuel Frank
Subject: Issues connecting to an API.

We had once the READ_FAILURE issue because of the supported TLS ciphers.
So you could check the supported TLS ciphers with ssllab and then check on SI if there is a match.

Best regards
Manuel

------------------------------
Manuel Frank
Integration Architect
Andreas STIHL AG & Co. KG
Waiblingen

Original Message:
Sent: Thu November 17, 2022 12:43 PM
From: John Morrissey
Subject: Issues connecting to an API.

We are trying to connect to an API to get an authorization token to use in subsequent API calls to get or post data. The url looks like https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature&timestamp=1667469087254&nonce=494700 where nonce is a random integer between 100000 and 1000000 and timestamp is the number of milliseconds since Jan 1, 1970. I have https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature in the partner profile along with the required SSL settings and certificates. I generate the timestamp and random integer in the BP and build the complete URL.
The error I get at the HTTP Post is:
HTTP reason phrase [Internal Error: Connection was closed from the perimeter side with error: CloseCode.READ_FAILURE]
I don't see anything in the HTTP Client logs that points to the problem.

Using POSTMAN or Invoke-WebRequest with PowerShell successfully returns a response so the API seems to be working just not with B2B. I have confirmed we can reach the host from our DMZ so that should not be an issue.

I have tried various versions of how much of the URL I put in the partner profile and how much I generate at runtime and they all fail. I have tried not using the partner profile in the HTTP Begin session and using the fully generated URL and it still fails.

We have successfully connected to other APIs with out this problem.

Has anyone see something like this before?  Is there some setting the API needs to change to make it work with B2B? 
Any advice is appreciated.

------------------------------
John Morrissey
------------------------------

#B2BIntegration
#SupplyChain

As far as I know SI's http server and client are using different properties here.
If one of the API supported ciphers are in the NIST property I would suggest to copy this one to the CipherSuiteDefault and add the line to the customer_overrides file. That was how we solved our issue.

Best regards
Manuel

------------------------------
Manuel Frank
Integration Architect
Andreas STIHL AG & Co. KG
Waiblingen
------------------------------

Original Message:
Sent: Tue November 29, 2022 04:47 PM
From: John Morrissey
Subject: Issues connecting to an API.

Thank you for the suggestion.  It looks like we support the same ciphers but I am not 100% sure. The SSLLABs site checks our server. Do you know if the same ciphers would be used for the B2B client or is that a different set?  If I look at the security properties file, the ciphers they support are not listed under the "weak", "strong", "All", or "CipherSuiteDefault" cipher suites settings. The only place they exist is under the "NISTCompliantCipherSuite". In our instance, the weak, strong, and all settings are commented out so I believe it is using the default set.  How this translates to the partner profile ssl setting where you can select weak, strong, or all for the cipher strength, I am not completely sure.

------------------------------
John Morrissey

Original Message:
Sent: Mon November 21, 2022 02:56 AM
From: Manuel Frank
Subject: Issues connecting to an API.

We had once the READ_FAILURE issue because of the supported TLS ciphers.
So you could check the supported TLS ciphers with ssllab and then check on SI if there is a match.

Best regards
Manuel

------------------------------
Manuel Frank
Integration Architect
Andreas STIHL AG & Co. KG
Waiblingen

Original Message:
Sent: Thu November 17, 2022 12:43 PM
From: John Morrissey
Subject: Issues connecting to an API.

We are trying to connect to an API to get an authorization token to use in subsequent API calls to get or post data. The url looks like https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature&timestamp=1667469087254&nonce=494700 where nonce is a random integer between 100000 and 1000000 and timestamp is the number of milliseconds since Jan 1, 1970. I have https://{host}/app/api/JrmQfe/MJZZbq/LoginApi/Login?signature=signature in the partner profile along with the required SSL settings and certificates. I generate the timestamp and random integer in the BP and build the complete URL.
The error I get at the HTTP Post is:
HTTP reason phrase [Internal Error: Connection was closed from the perimeter side with error: CloseCode.READ_FAILURE]
I don't see anything in the HTTP Client logs that points to the problem.

Using POSTMAN or Invoke-WebRequest with PowerShell successfully returns a response so the API seems to be working just not with B2B. I have confirmed we can reach the host from our DMZ so that should not be an issue.

I have tried various versions of how much of the URL I put in the partner profile and how much I generate at runtime and they all fail. I have tried not using the partner profile in the HTTP Begin session and using the fully generated URL and it still fails.

We have successfully connected to other APIs with out this problem.

Has anyone see something like this before?  Is there some setting the API needs to change to make it work with B2B? 
Any advice is appreciated.

------------------------------
John Morrissey
------------------------------

#B2BIntegration
#SupplyChain