Trying to fetch the details through xdmp:http:get
function using below code but while executing, getting following error:
Socket connect error: SSL_connect 127.0.0.1:65238-127.0.0.1:5001: certificate verify failed (0x14090086)
This is the code that I am executing:
let $url := "https://localhost:5001/api/content/region/id"
return
xdmp:http-get
($url,
<options xmlns="xdmp:http">
<headers>
<access-token>Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6InB6MGxYdWFwaUpaQWc5RjJXcFJLM2ciLCJ0eXAiOiJhdCtqd3QifQ.eyJuYmYiOjE2NTE4MzEwNjQsImV4cCI6MTY1NDQyMzA2NCwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMS9pZGVudGl0eS1zZXJ2ZXIiLCJjbGllbnRfaWQiOiJpZGRuLW5ld3M6ZGVmYXVsdCIsImp0aSI6IjM5MkM2NkU0NDUzQzgwOEJBMUQxMTA3ODVBN0JDRDE2IiwiaWF0IjoxNjUxODMxMDY0LCJzY29wZSI6WyJzcXVpZGV4LWFwaSJdfQ.V-Ju-CLbYNt-nwFsqeFkrh7jOStGUiX7LdSLtqKu70MuRPXzn_ceVi7neRdbOkd81a_y9gThJmwUd1X8xysEAtilhJ1kPHk_V--AivZl21Ws9QM2_NO3CcZg1oilUqm2CcKgLU2LNLdjSEPHYgeY6lvVwpne-_kx3uy7UexTJP_GUzH4QxYxX9f_ps7zYkx4I7Mg7UTJtQ-b_OSmAfyAaQN9NW89sP5XHaLUpRW9hTjMUWhsno5iMgphQQd0uw7rEZy7LYxRJvlC_JdDr_i92PUDViDLSDO7wIPSEFD22XRYu2B-Wz_Rpu-ItSuDm0j1jC2_4osya3ddN87qlg</access-token>
<content-type>application/json</content-type>
</headers>
</options>
)
However, using postman I am able to fetch the details using same bearer token.
So what http-options should I use to make this work?
CodePudding user response:
Socket connect error: SSL_connect 127.0.0.1:65238-127.0.0.1:5001: certificate verify failed (0x14090086)
That exception is telling you that it doesn't trust the SSL/TLS cert presented by the server you are connecting to.
You need to ensure that you have the necessary certs loaded into the MarkLogic Certificate Authorities, so that MarkLogic can validate the cert and ensure that the hostname you are connecting to matches what is presented in the cert.
Another option, for testing, would be to bypass any certificate validation and apply the <verify-cert>false</verify-cert>
option:
let $url := "https://localhost:5001/api/content/region/id"
return
xdmp:http-get
($url,
<options xmlns="xdmp:http">
<headers>
<access-token>Bearer eyJhbGciOiJSUzI1NiIsImtpZCI6InB6MGxYdWFwaUpaQWc5RjJXcFJLM2ciLCJ0eXAiOiJhdCtqd3QifQ.eyJuYmYiOjE2NTE4MzEwNjQsImV4cCI6MTY1NDQyMzA2NCwiaXNzIjoiaHR0cHM6Ly9sb2NhbGhvc3Q6NTAwMS9pZGVudGl0eS1zZXJ2ZXIiLCJjbGllbnRfaWQiOiJpZGRuLW5ld3M6ZGVmYXVsdCIsImp0aSI6IjM5MkM2NkU0NDUzQzgwOEJBMUQxMTA3ODVBN0JDRDE2IiwiaWF0IjoxNjUxODMxMDY0LCJzY29wZSI6WyJzcXVpZGV4LWFwaSJdfQ.V-Ju-CLbYNt-nwFsqeFkrh7jOStGUiX7LdSLtqKu70MuRPXzn_ceVi7neRdbOkd81a_y9gThJmwUd1X8xysEAtilhJ1kPHk_V--AivZl21Ws9QM2_NO3CcZg1oilUqm2CcKgLU2LNLdjSEPHYgeY6lvVwpne-_kx3uy7UexTJP_GUzH4QxYxX9f_ps7zYkx4I7Mg7UTJtQ-b_OSmAfyAaQN9NW89sP5XHaLUpRW9hTjMUWhsno5iMgphQQd0uw7rEZy7LYxRJvlC_JdDr_i92PUDViDLSDO7wIPSEFD22XRYu2B-Wz_Rpu-ItSuDm0j1jC2_4osya3ddN87qlg</access-token>
<content-type>application/json</content-type>
</headers>
<verify-cert>false</verify-cert>
</options>
)