Highlighted
Outstanding Contributor.
Outstanding Contributor.
229 views

Service API - co-existing connections via local/https?

Jump to solution

Is it possible to allow connections to the Service API via local network, and https, without them tripping over each other?

Here's my scenario:

  • connect to "domain.CM\ServiceAPI" - connects with SSO as expected
  • connect to "https://CM.com/ServiceAPI" (alias for domain.CM above) - user prompted to login repeatedly, can't proceed

"CM.com" has valid https binding, certificate etc. I know that additional steps may be required to allow SSO via https (e.g. Anonymous Authentication)

My query is, will enabling SSO via https reverse the scenario above? (https works, but domain connections break).

Labels (1)
1 Solution

Accepted Solutions
Highlighted
Honored Contributor.. Honored Contributor..
Honored Contributor..

Re: Service API - co-existing connections via local/https?

Jump to solution

user prompted to login repeatedly, can't proceed

Is that happening when you try to login from the server itself? If so, that is probably by design. See-

https://support.microsoft.com/en-au/help/926642/error-message-when-you-try-to-access-a-server-locally-by-using-its-fqd

If it's happening remotely, then it could be an issue with Kerberos auth? Have you registered an SPN for the other URL? If it's an alias (CNAME) instead of an A record then I don't think Kerberos will work.

Or if you're using SAML auth then please ignore my entire comment. 😁 

View solution in original post

2 Replies
Highlighted
Honored Contributor.. Honored Contributor..
Honored Contributor..

Re: Service API - co-existing connections via local/https?

Jump to solution

user prompted to login repeatedly, can't proceed

Is that happening when you try to login from the server itself? If so, that is probably by design. See-

https://support.microsoft.com/en-au/help/926642/error-message-when-you-try-to-access-a-server-locally-by-using-its-fqd

If it's happening remotely, then it could be an issue with Kerberos auth? Have you registered an SPN for the other URL? If it's an alias (CNAME) instead of an A record then I don't think Kerberos will work.

Or if you're using SAML auth then please ignore my entire comment. 😁 

View solution in original post

Highlighted
Outstanding Contributor.
Outstanding Contributor.

Re: Service API - co-existing connections via local/https?

Jump to solution

Pardon the late reply - yep, it was "scenario 1" - just a few reg keys and a restart, and problem solvered.

Cheers 🙂

The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.