You should use HTTP.Submit() if you don't have a valid certificate, or try to set _IgnoreInvalidCertificate to true (available since version 3.5.0).

Ulrich

Ulrich,

Thanks for the reply. I can not find any reference to _IgnoreInvalidCertificate throughout the TrueUpdate help. Sounds like it's what I need, but where and how do I set this value? Do I use the SessionVar.Set?

I'm using TU version 3.5.2.0

Cheers,

-Shawn

You should set this variable at the start of your script.

You find mention to this in the release notes.

Ulrich

Thanks Ulrich, however adding that line to my server-side script did not fix the problem. Still getting the 2502 error.

Reason I want to use Secure HTTP is that our somewhere between our customer sites and our website there is a virus or malware that is intercepting data coming back down to the clients and injecting some JavaScript code that is sending people to a site using scare tactics to sell malware software. It's supposedly a product called TotalSecurity.

Our web portal was affected by this as well and using HTTPS seemed to prevent this virus from changing the HTML code being sent to clients. So I wanted to do the same with the HTTP.Submit calls I used in the update process that contact our portal.

-Shawn

Hello,

I assume you placed the _IgnoreInvalidCertificate = true into the server script because it is there where you make the call to HTTP.SubmitSecure()?

You said before that you were getting a security alert warning dialog. Do you still get the same dialog? If the dialog is gone, this would indicate that the boolean worked correctly, but there still might be another problem that is preventing the connection to the secure server.

Ulrich

Yes, I place the line in the server script.

I never said that I received a dialog when running the TrueUpdate script. Sorry if that was not obvious. I'm receiving an error 2502 in the log file. The Security Alert dialog appears when I manually access the same web page from a browser, such as IE 8.0.

So, from browser I type in the URL:



...and I get the Security Alert, but when I continue I do receive the code from the portal.


And from TrueUpdate server script:


-- The following variable allows us to ignore the Security Certificate on the
-- hosting web server.
--
_IgnoreInvalidCertificate = true;

-- Page to access on the portal to get code.
g_sGetCode = "https://www.mydomain.com/portal/page.php";

-- Make Secure Submit to the page.
val_table = {ID="12345"};
g_Code = String.Upper(String.TrimLeft(String.TrimRight(HTTP .SubmitSecure(g_sGetCode,val_table))));


...I get error 2502 and the g_Code value is blank.


I'm checking with the hosting company to see if the port is set to 443 for the HTTPS.

-Shawn

Hello,

we seem to have solved this issue. The modified code should be part of the next release of TrueUpdate, but I am unable to state when it will be published.

Ulrich