Integration of 1C and B2B systems using HTTPS
Hi Habrayuzer, I want to share my recent experience of integrating two different systems.
There was a problem about the transfer of data between 1C (development and configuration was outsourced), which is planned to be used as the main electronic document management system (EDM) and B2B system (internal development), which is written in PHP (Symfony) and performs the functions of the primary information input in the company.
I already had the experience of integrating B2B with another B2B. The bottom line was to transfer JSON using cURL. Then there was the task of integrating the Borlas system, based on Oracle, where this approach was also applied. On the Oracle side, however, I used my own package - an analogue of cURL in PHP (if I’m interested, I can describe it in a new article).
As I found out, 1C 8.2 also knows how to send GET and POST requests. He suggested that if everything is already configured and works with other systems, it means that it should work here. JSON was rejected by the 1C developers, saying that the format is inappropriate and they recognize only XML. Comments that this will give us a minimum in size during the transfer of data, and the data really turned out a lot, were rejected. As a result, we started preparing 2 systems based on XML.
')
For my part, I wrote a request taker from 1C and returned the results. The function of receiving a variable in POST, in which 1Dellers were supposed to substitute XML.
The format is about the following:
a handler that returns records already selected by conditions and generates an XML of the form:
Data can only be transmitted via an HTTPS connection.
At first glance, it seems that everything is simple, but several problems arose in the process:
1) outsourcers reported that they are unfamiliar with requests of this kind, and tried to offer the old proven scheme:
1. import file from B2B,
2. Loading in 1C,
3. Export the file indicating that they were able to process, that there is not 1C,
4. Import to B2B,
5. and from the very beginning ...
The scheme was rejected, as it is necessary quickly, and without the participation of man and all sorts of "buttons."
Then asked for sample code. On the Internet, I nagulit the following example:
Data began to arrive on the server, but empty, that is, GET and POST were empty. I added a record that comes in the logs and successfully forgot about it. After 4 months, I was given an urgent task - to bring integration to the result (since a lot of time has passed, 1C developers are working, working, but nothing comes in response). They put me 1C and I began to "poke around."
First, I decided to install Fiddler to understand what was going on. I noticed that the connection goes via HTTP, and then the server redirects to HTTPS. Assumed that for this reason the data are empty. I tried to reproduce it in Chrome, and received confirmation that the data in the POST request is lost during the redirect.
Since it is impossible to allow work on HTTP, I began to study why, because it is stated that:
As a result, this "Otherwise" was thrown out, and received an error that the certificate was incorrect. The certificate was self-signed. Integration development was carried out on internal servers, where the officially purchased certificate from the “Thawte SSL CA”, unlike the PROD server. Importing a certificate into all possible repositories did not lead to a result.
Search for resources has led to the fact that all certificates are root in 1C their own, and based on them, it already checks the rest. They are in test form in the file “cacert.pem”, which is located in the “bin” folder, where 1C is located. Import is not as simple as it turned out.
First we need to export the certificate we need to a file (I already had it in my personal storage). Having launched “certmgr.msc”, having found the certificate, we export it to the * .cer file.
Next, download the Win32OpenSSL program and convert it to a test view.
I did it like this:
MD5 save, we need it.
Next, open the file "cacert.pem".
We go down to the bottom and add MD5 first, and then all the contents, which turned out in the file “fiddler.pem”.
Save the file.
Restarting 1C (maybe not necessary, but it did not work for me, so I restarted everything.
The source file in 1C was given in this form:
After clicking on the button, the request went over HTTPS and the correct XML was received at the output.
I was looking for how 1C works on HTTPS, there is a lot of material, but I did not find how to work on the subscription certificate itself.
Ready to share information about the misadventures with the setting of Oracle and B2B.
They used the same mechanism, transferring data in a POST request, but had its own pitfalls. In principle, everything turned out to be easier there.
There was a problem about the transfer of data between 1C (development and configuration was outsourced), which is planned to be used as the main electronic document management system (EDM) and B2B system (internal development), which is written in PHP (Symfony) and performs the functions of the primary information input in the company.
I already had the experience of integrating B2B with another B2B. The bottom line was to transfer JSON using cURL. Then there was the task of integrating the Borlas system, based on Oracle, where this approach was also applied. On the Oracle side, however, I used my own package - an analogue of cURL in PHP (if I’m interested, I can describe it in a new article).
As I found out, 1C 8.2 also knows how to send GET and POST requests. He suggested that if everything is already configured and works with other systems, it means that it should work here. JSON was rejected by the 1C developers, saying that the format is inappropriate and they recognize only XML. Comments that this will give us a minimum in size during the transfer of data, and the data really turned out a lot, were rejected. As a result, we started preparing 2 systems based on XML.
')
For my part, I wrote a request taker from 1C and returned the results. The function of receiving a variable in POST, in which 1Dellers were supposed to substitute XML.
The format is about the following:
<xml version="1.0"> <KEY>123ABC456</KEY> // <MODE>get_last_orders </MODE> // <LIMIT>4000</LIMIT>// </xml> a handler that returns records already selected by conditions and generates an XML of the form:
<?xml version="1.0" encoding="utf-8" ?> <data> <order> <type1>1</type1> <type>OPS</type> <ref></ref> <id_doc>4853352</id_doc> <start_date>01.01.2013</start_date> <validity>1</validity> <description> b2b</description> <additional> <Param> <ParamName></ParamName> <ParamValue>999999999</ParamValue> </Param> <Param> <ParamName> </ParamName> <ParamValue> </ParamValue> </Param> <Param> <ParamName> </ParamName> <ParamValue>01.01.2013</ParamValue> </Param> </additional> </order> <order> ... </order> </data> Data can only be transmitted via an HTTPS connection.
At first glance, it seems that everything is simple, but several problems arose in the process:
1) outsourcers reported that they are unfamiliar with requests of this kind, and tried to offer the old proven scheme:
1. import file from B2B,
2. Loading in 1C,
3. Export the file indicating that they were able to process, that there is not 1C,
4. Import to B2B,
5. and from the very beginning ...
The scheme was rejected, as it is necessary quickly, and without the participation of man and all sorts of "buttons."
Then asked for sample code. On the Internet, I nagulit the following example:
= "test.com"; = "443"; = HTTP(, , , , , ); = HTTP(, ); ; = "/gateway/GetData1C/"; .(, , , HTTP); (" : " + ()); ("HTTP", ., , , " : " + ()); ; ; Data began to arrive on the server, but empty, that is, GET and POST were empty. I added a record that comes in the logs and successfully forgot about it. After 4 months, I was given an urgent task - to bring integration to the result (since a lot of time has passed, 1C developers are working, working, but nothing comes in response). They put me 1C and I began to "poke around."
First, I decided to install Fiddler to understand what was going on. I noticed that the connection goes via HTTP, and then the server redirects to HTTPS. Assumed that for this reason the data are empty. I tried to reproduce it in Chrome, and received confirmation that the data in the POST request is lost during the redirect.
Since it is impossible to allow work on HTTP, I began to study why, because it is stated that:
= HTTP(, , , , , ); «» HTTPS, = HTTP(, ); As a result, this "Otherwise" was thrown out, and received an error that the certificate was incorrect. The certificate was self-signed. Integration development was carried out on internal servers, where the officially purchased certificate from the “Thawte SSL CA”, unlike the PROD server. Importing a certificate into all possible repositories did not lead to a result.
Search for resources has led to the fact that all certificates are root in 1C their own, and based on them, it already checks the rest. They are in test form in the file “cacert.pem”, which is located in the “bin” folder, where 1C is located. Import is not as simple as it turned out.
First we need to export the certificate we need to a file (I already had it in my personal storage). Having launched “certmgr.msc”, having found the certificate, we export it to the * .cer file.
Next, download the Win32OpenSSL program and convert it to a test view.
I did it like this:
C:\OpenSSL-Win64\bin>openssl x509 -inform der -in :\fiddler.cer -out :\fiddler.pem -text -fingerprint -md5 WARNING: can't open config file: /usr/local/ssl/openssl.cnf MD5 Fingerprint=13:BF:73:43:BB:69:19:BA:22:5D:C7:2E:44:85:91:7F MD5 save, we need it.
Next, open the file "cacert.pem".
We go down to the bottom and add MD5 first, and then all the contents, which turned out in the file “fiddler.pem”.
Save the file.
Restarting 1C (maybe not necessary, but it did not work for me, so I restarted everything.
The source file in 1C was given in this form:
() = HTTP(); = (" , ! !"); = ; ; = ; = ; = (); = XML(.()); = (); .("Content-Type", "application/x-www-form-urlencoded"); .("Content-Lenght", ); .(, , , ); (()); HTTP() = HTTP(HTTP,"443",,,,); (()); = ; ; ; () HTTP = "test.com"; = "/gateway/GetData1C"; = "C:\POST_1C\post.txt"; = "C:\POST_1C\result.xml"; After clicking on the button, the request went over HTTPS and the correct XML was received at the output.
I was looking for how 1C works on HTTPS, there is a lot of material, but I did not find how to work on the subscription certificate itself.
Ready to share information about the misadventures with the setting of Oracle and B2B.
They used the same mechanism, transferring data in a POST request, but had its own pitfalls. In principle, everything turned out to be easier there.
Source: https://habr.com/ru/post/167965/
All Articles