MID Server OCSP Check and MID Server Proxy

panda1
Kilo Guru

‎06-05-2024 02:02 AM

I use RESRMessage to call external rest API in ServiceNow、Used MID Server

The following error has occurred:

The request failed: Request not sent to uri= https://xxxx.xxxxx.jp/_apis/projects/?api-version=6.0 : org.apache.commons.httpclient.HttpException: The host did not accept the connection within timeout of 10000 ms *.xxxx.jp

 

I have checked the article below

MID Server Connectivity Issues due to OCSP failures - Known Error (servicenow.com)

When I turned off OCSP check, I received 200 response .But this is not the recommended method。

 I noticed that it is necessary to allow access to this link(http://ocsp.entrust.net/)

After using the proxy on the host where my MID Server is located, the link can be accessed normally.

So I added a proxy in the properties of MID Server 

glide.http.proxy_host

glide.http.proxy_port

But after adding it, the URL of the REST API cannot be accessed

The URL cannot be accessed using a proxy in my environment  ( xxxx.xxxxx.jp)

Is there a way for MID Server to use a proxy to access OCSP related URLs, but to access certain specific URLs without using a proxy

Or is there any other way to solve the problem

 

 

 

 

0 Helpfuls
  • 1,508 Views
6 REPLIES 6

Sohail Khilji
Kilo Patron
Kilo Patron

‎06-05-2024 02:14 AM - edited ‎06-05-2024 02:14 AM

Did you do it on config file ?

 

In your MID server config.xml (/agent/config.xml) you will need to uncomment and populate these values:-

    <parameter name="mid.proxy.use_proxy" value="true"/>
    <parameter name="mid.proxy.host" value="YOUR_PROXY_HOST"/>
    <parameter name="mid.proxy.port" value="YOUR_PROXY_PORT"/>

If your proxy requires authentication then you will also need to uncomment and populate these values:-

    <parameter name="mid.proxy.username" value="YOUR_PROXY_USER_NAME"/>
    <parameter name="mid.proxy.password" value="YOUR_PROXY_PASSWORD" encrypt="true"/>

 

and will mid server setup process it would ask if you need to use proxy connection ? from there you can configure proxy and test it...

 

also on servicenow midserver record entry....

SohailKhilji_1-1717578771998.png

 

restart mid server after any config / prop changes...

 

 If you set up the proxy properties on the MID server, all communications will go through the proxy, including internal server ones.
Busy proxies could cause connectivity problems for the MID server, especially on Discovery operations.


☑️ Please mark responses as HELPFUL or ACCEPT SOLUTION to assist future users in finding the right solution....

LinkedIn - Lets Connect

0 Helpfuls

Appli
Mega Sage
Mega Sage

‎06-06-2024 08:43 AM

Hi, I do not think such option (selective use of http proxy in MID) exists however you may try approaching network team, and ask them making REST endpoint accessible through Proxy server.

Hope it helps

panda1
Kilo Guru

‎06-10-2024 07:10 PM

Thank you for your answers.

Bypass the proxy server (servicenow.com)

glide.http.proxy_bypass_list . It seems to meet my requirements and can bypass the proxy

It seems that there is such a property, but after I set it, it is not possible, but the error message has changed. It has become org. apache. common. https client HttpException: unknown tag 28 encountered

Subsequently, I checked the MID Server server and found that such logs appeared on the server

 

[GlideSSLProtocolSocketFactory:539] OCSP revoke check IOException for *.xxxx.xxx

[OCSPCheck:500] OCSPCheck HTTP status: 407, error message: Method failed: (/) with code: 407

This seems to be an issue with my proxy server I will go check

 

 

 

0 Helpfuls

Elinsoid
Giga Contributor

‎05-10-2025 05:14 AM

Have you solved this OP?

0 Helpfuls