cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Check out the JMP® Marketplace featured Capability Explorer add-in
Choose Language Hide Translation Bar
OmegaMonster183
OmegaMonster183
Level I

Some proxied HTTP requests fail on Windows (schannel: next InitializeSecurityContext failed)

Oct 1, 2023 10:20 AM (1784 views)

Hello, we've found that some HTTP requests (specifically to AWS S3) fail with an HTTP proxy on Windows with the error:

 

schannel: next InitializeSecurityContext failed: Unknown error (0x80092012)

 

It looks like this may be related to these curl issues:

 

Do you have any suggestions for how to resolve or work around this issue? This prevents HTTP requests from working properly when using JMP in common corporate proxy environments so it's important for us to resolve.

 

 

0 Kudos
2 REPLIES 2
Craige_Hales
Super User Craige_Hales
Super User

Re: Some proxied HTTP requests fail on Windows (schannel: next InitializeSecurityContext failed)

Oct 1, 2023 05:30 PM (1774 views)  |  Posted in reply to message from OmegaMonster183 10-01-2023

What version of JMP? If 17, this sounds like a tech support issue. (Tab, top of page.)

 

Suggestions for a workaround:

 

If you can download a copy of curl that has the patches you need, Web site wants a password  shows how to call curl with RunProgram.

 

If you need to use curl on a linux machine from JMP on a windows machine, these might be helpful; they are all the same idea of using plink (putty) to create a remote shell. I would not go there if you can put curl on the windows machine.

Can JSL talk to Linux? 

JSL to Control Raspberry Camera 

Beowulf, Newton, and Mr Hanson 

Multiple precision arithmetic with Python 

Craige
0 Kudos
bryan_boone
Staff bryan_boone
Staff

Re: Some proxied HTTP requests fail on Windows (schannel: next InitializeSecurityContext failed)

Oct 1, 2023 08:55 PM (1765 views)  |  Posted in reply to message from Craige_Hales 10-01-2023

schannel error are Windows are typically due to using https and self-signed certificates or certificates that cannot be checked for revocation.
HTTP Request, which uses libcurl dynamically links to WinSSPI which is the certificate "vault" for the OS. Any certificate that is installed locally cannot be verified.

 

curl that Craige mentions automatically turns verification off, which while it works, will defeat the use of https. That is, the connection will still be encrypted, but the certificate used to encrypt it is unverified. In short, you have to know you trust it.

 

HTTP Request allows you to turn secure off, using Secure(0)

Additionally,

JMP 16 introduced:

Certificates( "c:\certs\my_certificate.crt" );

which will allow you to use your own certificate file

and

Verify SSL( "false" )

which will turn certificate verification off.