Closed maggiv8 closed 6 months ago
Thiss will be hard to troubleshoot. I have a hunch it might depend on a package upgrade, I reverted it and will publish a new version in minutes. Please let me know if it did the trick
Fantastic, thank you so much Marcello. You fixed my issue :) It works fine now with version 1.7.3
Thanks for the confirmation. I will risk reintroducing this at the next update. Would you be available to test a dev build before I release it?
Yes sure, just let me know when and I can test it.
On Thu, 9 Nov 2023, 21:45 Marcello Urbani, @.***> wrote:
Thanks for the confirmation. I will risk reintroducing this at the next update. Would you be available to test a dev build before I release it?
— Reply to this email directly, view it on GitHub https://github.com/marcellourbani/vscode_abap_remote_fs/issues/201#issuecomment-1803636751, or unsubscribe https://github.com/notifications/unsubscribe-auth/BAFI2BESLTSYFTBI32BID4TYDS3NZAVCNFSM6AAAAAA7DN7M3OVHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMBTGYZTMNZVGE . You are receiving this because you modified the open/close state.Message ID: @.*** com>
@maggiv8 Can you please test this 1.7.4 preview
@maggiv8 Can you please test this 1.7.4 preview
Unfortunately the same error occurs again in this version (i.e. Exception in document symbol: unable to verify the first certificate). I can create a test user for you in my S4 system if you like and provide the certificate to you. This way you can test it out yourself (assuming/hoping you run VSCode on Ubuntu).
@maggiv8 This would be fantastic. I don't even need an user, as I can tell a login error from a TLS validation one I run arch btw, pretty sure won't be an issue
@maggiv8 are you sure you installed this? Just tried with my own server and my own CA and worked
@maggiv8 are you sure you installed this? Just tried with my own server and my own CA and worked
Yes, I did. If I could get your email address please I can send you the server details, login data and the corresponding certificate.
Thanks. It's marcello.urbani at gmail.com, I believe it's in my profile
I'm getting the same error on version 1.7.3 and 1.7.4 preview. Any updates on this?
@catbuubuu I tested this in house both with allowSelfSigned and customCA, and works fine
If you have a public url I can have a look. Don't need to access the system, this would fail even before authentication
Hi there,
if you copy your certificate details into the configuration file, then it should work. The configuration file should look like this:
{ "folders": [ { "name": "sapclientxxx(ABAP)", "uri": "adt://sapclientxxx" }, { "name": "Main", "path": "." } ], "settings": { "abapfs.remote": {
"sapclientxxx": {
"url": "https://server:port/",
"username": "user",
"password": "pwd",
"client": "xxx",
"language": "xx",
//"allowSelfSigned": true,
"customCA": "-----BEGIN CERTIFICATE-----\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\n AAAAAAAAAAAAAAAA\n -----END CERTIFICATE-----",
"sapGui": {
"server": "server:port",
"systemNumber": "xx"
}
}
}
}
}
I hope this helps. Best, C.
Hi there,
I just realised, that I tested on version 1.7.3. I then upgraded to 1.7.4 and 1.7.5, and in both version the same issue occurs again. @marcellourbani : any chance you could look into this again, if possible please. Happy to provide you my server details again just like we did last time.
Thank you. Best, C.
@maggiv8 yes sure Please send me the details
Thank you so much. I have sent you the system and connection details via email.
@maggiv8 thanks for ptoviding a test server. This works now (7.3 basically enforced allowSelfSigned for all, which was wrong)
The problem was in your configuration, who had spaces at every newline A certificate is a base64 encoded binary, newlines are ignored and spaces are not allowed @catbuubuu you might have the same issue
{
"abapfs.remote": {
"sapclientxxx": {
"url": "https://server:port/",
"username": "user",
"password": "pwd",
"client": "xxx",
"language": "xx",
//"allowSelfSigned": true,
"customCA": "-----BEGIN CERTIFICATE-----\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA\nAAAAAAAAAAAAAAAA\n-----END CERTIFICATE-----",
"sapGui": {
"server": "server:port",
"systemNumber": "xx"
}
}
}
}
Thank you so much @marcellourbani . It works now again with version 1.7.5
Hi there,
I am connecting to my S4/2021 system via a certificate installed on operating system level (Ubuntu 22.04). A connectivity test using this certificate to connect to the SAP server works fine on operating system level by entering the following command: openssl s_client -connect abc.com:44301 -CApath /etc/ssl/certs
Part of the output is:
SSL handshake has read 1702 bytes and written 426 bytes Verification: OK
New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256 Server public key is 2048 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE No ALPN negotiated
It was all working fine until version 1.7.2. Since I upgraded to version 1.7.2 I can't commit any changes anymore to the backend as I am getting the following error message in the ABAP FS output: Exception in document symbol: unable to verify the first certificate [Error - 06:22:06] Request textDocument/formatting failed. Message: Request textDocument/formatting failed with message: unable to verify the first certificate Code: -32603
Any help would be highly appreciated as I like working with VS Code for ABAP. Thank you. Kind regards Christoph
When reverting back to version 1.7.1. everything is working fine again.