Postman Errors

ERP 10
#1

We are getting inconsistent results trying to access our DT instances.

  • From Postman, we CAN make a REST call to Pilot: https://ausdtspilot100.epicorsaas.com/SaaS505Pilot/api/v1/ and receive data.
  • From Postman, we CANNOT make a REST call to Live: https://ausdtsapp01.epicorsaas.com/SaaS505/api/v1/ . We get a “Cannot connect to server” error.
  • From a Web Browser, we CAN make a REST call to both Live and Pilot and get results using the above URLs.
  • From Postman, if we turn off “Verify Certificates” in the settings, we CAN make the same REST calls just like the browser for BOTH Live and Pilot.
  • We can get OData from either URL in Excel.

Both sites use the same SSL Cert (*.epicorsaas.com) when inspected in the web browser.

Wondering if this is similar to what @anyac was seeing a couple of weeks ago.

Thoughts from the well-RESTed in the group?

Mark W.

#2

Hmmm I haven’t had issues with SaaS REST… but if turning off Cert Check fixes it I’m guessing is a Postman specific issue. Does the problem manifest itself from not postman? (Custom Code, or other util)?

#3

I assume you checked under settings to make sure when you call Live the certificate shows in Postman? If so, did you run the Postman console and watch the request being sent to the host to make sure it is passing what it should? Did you try removing the certificate from Postman and adding again?

#4

So, here’s the bigger picture. We are implementing DocStar in the Cloud within our Dedicated Tenancy. In preparation, we connected the Pilot database with no issue at all, works like a charm. We cut over to the live instance and we cannot connect to DocStar. (“Cannot Connect to Remote Server”). Also, Enterprise Search starts throwing the same error. Hmm. I was testing some OData queries in Postman and Postman is giving me the error in Live but not prod. (just the /api/v1/ URL). So I’m thinking, OK, it’s our firewall or anti-virus or something.

So last night, I go home and install Postman on my Win10 machine. Same error from Live and I can connect to Pilot. I try my Mac Book using a REST client called Paw. I can connect from Mac OS (HS) to live and pilot.

Back on Windows, I CAN do queries from any web browser and the OData URLs work for either instance.

Dan, the Certs are the exact same fingerprint for *.epicorsaas.com, the only difference is the server portion - ausdtspilot100 or ausdtsapp01. We are not using client certs, or if we are, we’re not aware of it. It’s Basic HTTP authentication in Postman and OData. I assume that Epicor is doing the same for the EndPoint we’re using.[1]

Mark

  1. Side note: the endpoints in the .sysconfig files are different. Live is set to HttpsOffloadBinaryUserNameChannel but Pilot is set to HttpsBinaryUsernameChannel.
#5

I cannot see this error either.

Where these settings in Postman?

#6

Can you connect from browser?
What are the settings for Document Transfer Mode for DocStar in the Company Maintenance? Is this Client System Direct Copy?

#7

File | Settings | SSL certificate verification - located under the Request heading.

image
image.png1203×715 77.9 KB

#8

oh i see, i must have older version without it. thanks

#9

Looks like the difference between 2 connections is that Pilot sends intermediate certificate with the request and Live - does not. and probably PostMan is not smart enough to retrieve it itself…
But I don;t think it can be connected with docstar connectivity in anyway.

#10

True, but it might explain why we get the same message in Enterprise Search. That service is timing out. It works for the Ops team but not here in the field.

#11

Missed these questions:

Yes. No problem connecting via a browser under ALL circumstances (although I don’t know the URL for Enterprise Search to test that).

And maybe I don’t understand, wait, no, I definitely don’t understand how DocStar Authenication is supposed to work. There’s an e10service account and there are individual user accounts. Do we have to touch every workstation that attaches or views documents to set credentials? In Company Maintenance I see:

image
image.png753×493 88.3 KB

Choosing File Transfer and clicking on Set Server Credentials is where we get this cannot connect error within Epicor but only in the Live environment. In Pilot, it works all day. I did do some testing with Epicor that had me change the prompting in the sysconfig to Interactive. It seemed to work for a bit but now I’m back to this.
image

However, if I go to Document Type Maintenance for an individual document type, I can connect:

image

I can save MY credentials but that won’t work on any other workstation.

:thinking:

Mark W.

1 Like
#12

Documnet Transfer Mode in all attachment types are working similar.

When Document Transfer Mode is set to Client System Direct Copy, then each workstation connects to docStar directly. That is where you enter your name and password.

When it is set to File Transfer using Service - then file is uploaded on Epicor App Server and then from that location is uploaded to docstar.

On your Document Type Maintenance you set transfer mode again to direct client copy and not use the setting from company, so you can connect from your client machine again.

Interactive setting shows you this name and password for Direct client copy. It does not involved when File Transfer using service is set.

So from what I see I can tell that your Epicor App Server cannot connect to docStar, not your client computer.

#13

And the interesting thing is we CAN connect in Pilot…

image

We shall see…

Thanks!

Mark W.

#14

Just an FYI @Olga, this is the Postman Console from Live with the SSL error

image

#15

yes, i saw it. That is why I wrote that probably it cannot get intermediate cert.
Unfortunately only suggestion I found on PostMan resources for that error is to switch off that flag you mentioned. No further explanations…

1 Like
#16

I’ll report it as a bug to Postman.

#17

After some investigation by Epicor Development, this may be by design. We’re having a meeting with the Cloud Team and the DocStar team in the next day or two. Not sure if it’s a technical or marketing limitation but I’ll keep you all posted.

For Enterprise Search, the solution was to open all port 80, 8098 and 443 communication to *.epicorsaas.com

Mark W.

2 Likes
#18

Hi Mark,
Simple and unknowing question here I admit, but is it that you have two environments attempting to connect to Docstar? Is there an exclusivity aspect either to the connection and or the certs? Or do you have a Live and a ‘Pilot’ instance for the two environments and it is just implied. -Henry

#19

Hi Henry,

Actually, in the this situation we had Live and Pilot point to the same DocStar HOSTED server (where else, in the Cloud).

Basically, you cannot have Server File transfers from DocStar. They must be client side. This is basically to track licenses when you click on View In DocStar.

Mark