metaregistrar / php-epp-client

Object-oriented PHP EPP Client
https://www.metaregistrar.com/docs/
MIT License

.lv issue, NIC.lv #328

Closed luggesexe closed 2 years ago

luggesexe commented 2 years ago

Hello, I am trying to implement the .lv extension. I'm running into a few problems.

  1. When creating a Domain, I need to check which status it has (f.e. "ok", "pendingCreate"). I know where this is located, but I am not able to fetch it, as the function getLvDomainStatus only responds with the answer in between both XML-Parts. I tried building my own query in lvEppInfoDomainResponse.

    public function getSecondaryDomainStatus() {
        return $this->getXpathQueryResult("/epp:epp/epp:response/epp:extension/lvDomain:infData/lvDomain:status/@s");
    }

    if (($response = $conn->request($info)) instanceof lvEppInfoDomainResponse) {

This does not seem to work at all. I am not able to access the lvDomain:status inner Element.

  2. The getDomainExpirationDate returns as NULL in the testing-System. May this be an issue with the System, or is it from the Code-Site?
  3. In the contact extension for .lv I can input a registration number, is this the same as the Latvian personal code? Or does it accept another value?
  4. Is it in general possible using the DNSSEC-Code the same way for .lv as for any other Registry?

Gladly awaiting your response. Kind regards, Lukas-Adrian

metaregistrar commented 2 years ago

Hi,

Questions 2-4 you should really ask the registry of .LV domains, to see if they use the standard implementation (for example for DNSSEC) or if they have their own implementation. For DNSSEC I have yet to see a registry that has not used the standard, so I presume .LV will also use that.

About the first question, since we do not have a .LV account, it is difficult to answer. Best thing to do is just debug by first requesting /epp:epp/epp:response/epp:extension/lvDomain:infData/lvDomain and see what that gives. If you var_dump that result, you can determine where the status field is.
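
The debugging step suggested above, as an added example that is not part of the thread or of php-epp-client: it lists what sits under the extension's `infData` element before asking for the `s` attribute. The sample response is constructed, and the layout of the lvDomain extension and its namespace URI (taken from the login services listed later in this thread) are assumptions.

```php
<?php
// Constructed sample: a trimmed EPP domain-info response. The layout of the
// lvDomain extension is an assumption based on the XPath quoted in this thread.
$xml = <<<'XML'
<?xml version="1.0" encoding="UTF-8"?>
<epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
  <response>
    <result code="1000"><msg>Command completed successfully</msg></result>
    <resData>
      <domain:infData xmlns:domain="urn:ietf:params:xml:ns:domain-1.0">
        <domain:name>example.lv</domain:name>
        <domain:status s="ok"/>
      </domain:infData>
    </resData>
    <extension>
      <lvdomain:infData xmlns:lvdomain="http://www.nic.lv/epp/schema/lvdomain-ext-1.0">
        <lvdomain:status s="pendingCreate"/>
      </lvdomain:infData>
    </extension>
  </response>
</epp>
XML;

function extensionStatuses(string $xml): array
{
    $doc = new DOMDocument();
    $doc->loadXML($xml, LIBXML_NONET); // never fetch external resources while parsing
    $xp = new DOMXPath($doc);
    // XPath matches on the namespace URI, not on the prefix the server chose,
    // so every prefix used in the query has to be bound explicitly.
    $xp->registerNamespace('epp', 'urn:ietf:params:xml:ns:epp-1.0');
    $xp->registerNamespace('lvDomain', 'http://www.nic.lv/epp/schema/lvdomain-ext-1.0');

    $base = '/epp:epp/epp:response/epp:extension/lvDomain:infData';
    $children = [];
    foreach ($xp->query($base . '/*') as $node) {
        $children[] = $node->nodeName; // name as written in the document
    }
    $status = [];
    foreach ($xp->query($base . '/lvDomain:status/@s') as $attr) {
        $status[] = $attr->nodeValue;
    }
    return ['children' => $children, 'status' => $status];
}

var_dump(extensionStatuses($xml));
```

An empty `children` list means the path or a namespace binding is wrong; a non-empty list shows the element names to query next.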

luggesexe commented 2 years ago

Hello, thank you for answering my request. I found a solution for my questions.

  1. I will make a PR later today, including the named Status.
  2. If you request the Expiration Date you need to fetch it directly from the $response instead of the $d->getDomain(), then it works without problems.
  3. The value is indeed the same. The only difference in the account type is when the org is set. Then it will automatically transform.

Further I do have another question. It is stated, that SWITCH (.ch) is supported. I tried to connect via my account on the testing system but get the same response as in the Issue #78. I verified, that the IP that I am connecting with is indeed the same as set with SWITCH. Do you have a special implementation set?

Thank you very much. Kind regards, Lukas-Adrian

metaregistrar commented 2 years ago

Hello Lukas-Adrian,

For the connection to Switch, I use the default 'eppConnection' class. It seems that I have never used any "Switch-specific" EPP commands, so that might be the case why there is no class specific for Switch.CH

This is my code for connecting to Switch.CH:

    $conn = new \Metaregistrar\EPP\eppConnection();
    $conn->setHostname('ssl://epp.nic.ch');
    $conn->setPort(700);
    $conn->setUsername('');
    $conn->setpassword('');
    if ($conn->connect()) {
        if ($conn->login()) {
            echo "Login succesful\n";
            $conn->logout();
            echo "Logged out\n";
        }
    }

luggesexe commented 2 years ago

Hello, thank you. Are you passing any certificate file? I tried it with the same settings with the main environment (ssl://epp.nic.ch, tls:// and without) as well with the testing environment (epp-test.switch.ch, ssl://, tls://). I do not quite understand where this error may come from. Please see following.

Warning: stream_socket_client(): SSL: Success in /var/www/vhosts/vendor/metaregistrar/php-epp-client/Protocols/EPP/eppConnection.php on line 354

Warning: stream_socket_client(): Failed to enable crypto in /var/www/vhosts/vendor/metaregistrar/php-epp-client/Protocols/EPP/eppConnection.php on line 354

Warning: stream_socket_client(): unable to connect to tls://epp.nic.ch:700 (Unknown error) in /var/www/vhosts/vendor/metaregistrar/php-epp-client/Protocols/EPP/eppConnection.php on line 354

Without prefix, I get Fatal error: Uncaught Metaregistrar\EPP\eppException: Unexpected closed connection by remote host... in return.

Edit: I verified with phpInfo, that openSSL is enabled and working.

Any idea? Many kind regards, Lukas-Adrian

metaregistrar commented 2 years ago

No, nothing, the connection as I have listed it here is what it is - if you fill in username and password, and whitelist the IP address, it should work.

Unexpected closed connection: Are you sure the IP address is whitelisted?

luggesexe commented 2 years ago

    <?php
    ini_set('display_errors', 1);
    ini_set('display_startup_errors', 1);
    error_reporting(E_ALL);
    set_time_limit(300);
    require_once('../../../vendor/autoload.php');
    use Metaregistrar\EPP\eppConnection;
    use Metaregistrar\EPP\eppException;
    use Metaregistrar\EPP\eppDomain;
    use Metaregistrar\EPP\eppInfoDomainRequest;
    use Metaregistrar\EPP\eppContactHandle;
    use Metaregistrar\EPP\eppHost;
    use Metaregistrar\EPP\eppCheckDomainRequest;
    use Metaregistrar\EPP\eppCheckDomainResponse;
    use Metaregistrar\EPP\eppCheckRequest;
    use Metaregistrar\EPP\eppContactPostalInfo;
    use Metaregistrar\EPP\eppCreateHostRequest;
    use Metaregistrar\EPP\eppInfoContactRequest;
    use Metaregistrar\EPP\eppDeleteDomainRequest;
    use Metaregistrar\EPP\eppPollRequest;
    use Metaregistrar\EPP\eppResponse;
    use Metaregistrar\EPP\eppCreateDomainRequest;
    use Metaregistrar\EPP\eppDeleteContactRequest;
    use Metaregistrar\EPP\eppUpdateDomainRequest;
    use Metaregistrar\EPP\eppUpdateDomainResponse;
    use Metaregistrar\EPP\eppTransferRequest;
    use Metaregistrar\EPP\eppInfoHostResponse;

    $ip_server = $_SERVER['SERVER_ADDR'];
    echo "Server IP $ip_server";

    try {
        $conn = new \Metaregistrar\EPP\eppConnection();
        $conn->setHostname('epp-test.switch.ch');
        $conn->setPort(7001);
        $conn->setUsername('USERNAME');
        $conn->setpassword('PASSWORD');
        if ($conn->connect()) {
            if ($conn->login()) {
                echo "Login succesful\n";
                $conn->logout();
                echo "Logged out\n";
            }
        }
    } catch (eppException $e) {
        echo "ERROR: " . $e->getMessage() . "\n\n";
    }
    ?>

Maybe I am doing something wrong, but this is my code. It worked just fine with .lv, that's why I am confused why this won't work here. I looked up the server IP (see above) and compared it once again with what is saved at SWITCH. I am really clueless by now but eventually I am doing something wrong here.

Unexpected closed connection by remote host... ==== LOG ==== -----Connection made-----2022-02-01 22:41:54----- Stream opened -----END-----2022-02-01 22:41:55----- -----WRITE-----2022-02-01 22:42:05----- XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX 1.0 en urn:ietf:params:xml:ns:domain-1.0 urn:ietf:params:xml:ns:contact-1.0 urn:ietf:params:xml:ns:host-1.0 61f9a92d08988 -----END-----2022-02-01 22:42:05-----

metaregistrar commented 2 years ago

Please find my total code and test here (usernames and passwords removed):

    $cd domainspecific/chdomains/
    $cat login.php
    <?php
    require('../../vendor/autoload.php');

    try {
        $conn = new \Metaregistrar\EPP\eppConnection();
        $conn->setHostname('ssl://epp.nic.ch');
        $conn->setPort(700);
        $conn->setUsername('(removed)');
        $conn->setpassword('(removed)');
        if ($conn->connect()) {
            if ($conn->login()) {
                echo "Login succesful\n";
                $conn->logout();
                echo "Logged out\n";
            }
        }

    } catch (Metaregistrar\EPP\eppException $e) {
        echo "ERROR: " . $e->getMessage() . "\n\n";
    }
    $php login.php
    Login succesful
    Logged out

metaregistrar commented 2 years ago

Are you sure port 7001 is correct? Most registries have port 700 as standard port. But I am not sure about Switch, since I have not connected to their test services for a long time now.

luggesexe commented 2 years ago

I verified with OpenSSL, if a certificate is set on epp-test.switch.ch. Turns out that is not, but I was able to verify that port 7001 is correct. I asked my Server-Provider for additional support, I think that it might be (a) a firewall error, that it is blocking this port, (b) that some type of OpenSSL error is happening because of faulty server configuration or (c) that somehow the IP is not correct thus being checked over and over again. May there be an opportunity, that this is an issue, as with #130? Only when I connect to epp-test.switch.ch with (as it seems correct port 7001), I get the error Unexpected closed connection by remote host....

metaregistrar commented 2 years ago

There is a good possibility that your outgoing firewall blocks traffic on unknown ports. The message 'Unexpected closed connection' happens mostly when either a firewall on your side or a firewall on the provider side blocks the connection attempt.

luggesexe commented 2 years ago

Hello, this was not the expected solution unfortunately. SWITCH requested to see the full XML-Command and the response with the XML-Command. How do I access this?

Kind regards, Lukas-Adrian

metaregistrar commented 2 years ago

If you create the connection use parameter '$logging' to enable logging:

    $conn = new \Metaregistrar\EPP\eppConnection(true);

Output will look like this:

    ==== LOG ====
    -----Connection made-----2022-02-07 09:34:49-----
    Stream opened to ssl://epp.nic.ch port 700 with protocol TLSv1.3, cipher TLS_AES_256_GCM_SHA384, 256 bits TLSv1.3
    -----END-----2022-02-07 09:34:49-----

    -----WRITE-----2022-02-07 09:34:50-----
    <?xml version="1.0" encoding="UTF-8"?>
    <epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
      <command>
        <login>
          <clID>XXXXXXXXXXXXXXXX</clID>
          <pw>XXXXXXXXXXXXXXXX</pw>
          <options>
            <version>1.0</version>
            <lang>en</lang>
          </options>
          <svcs>
            <objURI>urn:ietf:params:xml:ns:domain-1.0</objURI>
            <objURI>urn:ietf:params:xml:ns:contact-1.0</objURI>
            <objURI>urn:ietf:params:xml:ns:host-1.0</objURI>
          </svcs>
        </login>
        <clTRID>6200e7ba15542</clTRID>
      </command>
    </epp>

    -----END-----2022-02-07 09:34:50-----

    -----READ-----2022-02-07 09:34:50-----
    <?xml version="1.0" encoding="UTF-8"?>
    <epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
      <response>
        <result code="1000">
          <msg lang="en">Command completed successfully</msg>
        </result>
        <trID>
          <clTRID>6200e7ba15542</clTRID>
          <svTRID>20220207.136030753.1473255324</svTRID>
        </trID>
      </response>
    </epp>

    -----END-----2022-02-07 09:34:50-----

    -----LOGIN-----2022-02-07 09:34:50-----
    Logged in
    -----END-----2022-02-07 09:34:50-----

    -----WRITE-----2022-02-07 09:34:50-----
    <?xml version="1.0" encoding="UTF-8"?>
    <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:domain="urn:ietf:params:xml:ns:domain-1.0" xmlns:contact="urn:ietf:params:xml:ns:contact-1.0" xmlns:host="urn:ietf:params:xml:ns:host-1.0">
      <command>
        <logout></logout>
        <clTRID>6200e7ba313f0</clTRID>
      </command>
    </epp>

    -----END-----2022-02-07 09:34:50-----

    -----READ-----2022-02-07 09:34:50-----
    <?xml version="1.0" encoding="UTF-8"?>
    <epp xmlns="urn:ietf:params:xml:ns:epp-1.0">
      <response>
        <result code="1500">
          <msg lang="en">Command completed successfully; ending session</msg>
        </result>
        <trID>
          <clTRID>6200e7ba313f0</clTRID>
          <svTRID>20220207.136030753.1473255326</svTRID>
        </trID>
      </response>
    </epp>

    -----END-----2022-02-07 09:34:50-----

    -----LOGOUT-----2022-02-07 09:34:50-----
    Logged out
    -----END-----2022-02-07 09:34:50-----

    -----DISCONNECT-----2022-02-07 09:34:50-----
    Disconnected
    -----END-----2022-02-07 09:34:50-----

luggesexe commented 2 years ago

Hello, I thought about that as well, but I only get lines like that out of it.

-----END-----2022-02-07 09:34:50-----
-----LOGOUT-----2022-02-07 09:34:50-----

I do not see any XML. Do I need to access anything else while returning? I saw something along the lines as saveXML() but I do not quite recall.

Kind regards, Lukas-Adrian

metaregistrar commented 2 years ago

That means that there is no exchange of XML data. So that would indicate that there are still firewalls blocking your connection.

metaregistrar commented 2 years ago

Do you see this message? Stream opened to ssl://epp.nic.ch port 700 with protocol TLSv1.3, cipher TLS_AES_256_GCM_SHA384, 256 bits TLSv1.3

luggesexe commented 2 years ago

ERROR: Unexpected closed connection by remote host... ==== LOG ==== -----Connection made-----2022-02-07 10:52:09----- Stream opened -----END-----2022-02-07 10:52:09----- -----WRITE-----2022-02-07 10:52:19----- XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX 1.0 en urn:ietf:params:xml:ns:domain-1.0 urn:ietf:params:xml:ns:contact-1.0 urn:ietf:params:xml:ns:host-1.0 6200ebd3004de -----END-----2022-02-07 10:52:19-----

luggesexe commented 2 years ago

As I looked into it, I do not get out of the (successful) connection with nic.lv any kind of XML-Response. That's why I think I miss something while logging.

Successful connection with missing XML-Parts
==== LOG ==== -----Connection made-----2022-02-07 10:57:15----- Stream opened with protocol TLSv1.2, cipher ECDHE-RSA-AES128-GCM-SHA256, 128 bits TLSv1.2 -----END-----2022-02-07 10:57:15----- -----WRITE-----2022-02-07 10:57:15----- XXXXXXXXXXXXXXXX XXXXXXXXXXXXXXXX 1.0 en urn:ietf:params:xml:ns:domain-1.0 urn:ietf:params:xml:ns:contact-1.0 urn:ietf:params:xml:ns:secDNS-1.1 http://www.nic.lv/epp/schema/lvcontact-ext-1.0 http://www.nic.lv/epp/schema/lvdomain-ext-1.0 6200ecfbc4f6d -----END-----2022-02-07 10:57:15----- -----READ-----2022-02-07 10:57:15----- login successful 6200ecfbc4f6d LVNIC-20220207-e53458d82d0d780f2b9a6f257d7fdba7-1 -----END-----2022-02-07 10:57:15----- -----LOGIN-----2022-02-07 10:57:15----- Logged in -----END-----2022-02-07 10:57:15----- -----WRITE-----2022-02-07 10:57:15----- 6200ecfbd5e72 -----END-----2022-02-07 10:57:15----- -----READ-----2022-02-07 10:57:15----- Command completed successfully; ending session 6200ecfbd5e72 LVNIC-20220207-e53458d82d0d780f2b9a6f257d7fdba7-2 -----END-----2022-02-07 10:57:15----- -----LOGOUT-----2022-02-07 10:57:15----- Logged out -----END-----2022-02-07 10:57:15----- -----DISCONNECT-----2022-02-07 10:57:15----- Disconnected -----END-----2022-02-07 10:57:15-----

metaregistrar commented 2 years ago

If you open a connection, and then send a login command to NIC.LV, and they do not respond, maybe you can send this output to them and they can tell you what happened.

luggesexe commented 2 years ago

No, this is not an issue with nic.lv. I can open the connection and anything as expected. I just wanted to show you, that while exchanging XML Files with NIC.lv I do not display them here. I need to show SWITCH the Output of XML, but I think I did not activate something because even in a correct connection the XML is not displayed.

The issue here is still SWITCH-Related. They may find something in their log with a connection or Response-ID...

luggesexe commented 2 years ago

> Do you see this message? Stream opened to ssl://epp.nic.ch port 700 with protocol TLSv1.3, cipher TLS_AES_256_GCM_SHA384, 256 bits TLSv1.3

No, I cannot see that. I can see, that the Stream is opened but not with what protocol etc. as what I expected.

metaregistrar commented 2 years ago

That would indicate that you do not have the latest version of php-epp-client. Can you check that?

luggesexe commented 2 years ago

Currently working on "metaregistrar/php-epp-client": "^1.0", required via Composer.

> That would indicate that you do not have the latest version of php-epp-client. Can you check that?

metaregistrar commented 2 years ago

1.0.11 is the latest stable version, the one I am using.

luggesexe commented 2 years ago

I think the server is on version 1.0.10. I will check that later that day. Thank you! I also answered the request from SWITCH in expectancy for an appropriate answer.

luggesexe commented 2 years ago

Hello, I got a response from SWITCH. It happened to be a whitelist/IP-Error on their side. It is important to connect via ssl://epp-test.switch.ch. Thanks a lot for your help.

Kind regards, Lukas-Adrian