> On 27
Apr 2020, at 17:45, Piotr Przybyl <piotr(a)przybyl.org> wrote:
 Hello
 Please let me add my two cents... ;-)
 1. EPP is not REST-ish.
 2. For better performance it's worth to keep established connection & session, so
there's no need to
 authenticate for every request.
 If something custom is needed, then one should first establish TLS connection (not HTTPs,
as it's
 using certificates on both ends), then it's "only" a matter of sending XML
requests and responses
 back and forth.
 Hope that helps
 Piotr
 On 27.04.2020 09:24, Jaromir Talir wrote:
> Hi Lem,
>
> unfortunatelly, it is not possible to use curl as EPP client. EPP over
> TLS protocol (see RFC5734) is different from HTTPS. You need to use
> some EPP client, the best is FRED's internal fred-client.
>
> Regards,
> Jaromir
>
> On Sun, 2020-04-26 at 16:02 +0600, Lem wrote:
>> Hi,
>>
>> My name is Lem.
>>
>> I tried to use curl to check EPP and got in log:
>>
>> [26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID
>> 61959] Client connected
>> [26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID
>> 61959] Corba call (epp-cmd hello)
>> [26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID
>> 61959] Corba call ok
>> [26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID
>> 61959] Invalid epp frame length (1347375952 bytes)
>> [26/Apr/2020:15:25:36 +0600] 192.168.0.1 (process:16846) [sessionID
>> 61959] Session ended
>>
>>
>>
>> Please help me. What do I wrong?
>>
>> Output for curl:
>>
>> root# curl -k --cert /usr/share/fred-client/ssl/test-cert.pem --
>> cacert /usr/share/fred-client/ssl/test-cert.pem --key
>> /usr/share/fred-client/ssl/test-key.pem -vvvv -d '<?xml
version="1.0"
>> encoding="utf-8" standalone="no"?><epp
>> xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="
>> 
http://www.w3.org/2001/XMLSchema-instance"
>> xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-
>> 1.0.xsd"><command><login><clID>REG-
>>
CZ</clID><pw>qazQAZ123</pw><options><version>1.0</version><lang>en</l
>> ang></options><svcs><objURI>
>>
http://www.nic.cz/xml/epp/contact-1.6</objURI><objURI>http://ww…
>> 
https://192.168.0.7:700
>>
>> * Rebuilt URL to: 
https://192.168.0.7:700/
>> *   Trying 192.168.0.7...
>> * Connected to 192.168.0.7 (192.168.0.7) port 700 (#0)
>> * found 1 certificates in /usr/share/fred-client/ssl/test-cert.pem
>> * found 594 certificates in /etc/ssl/certs
>> * ALPN, offering http/1.1
>> * SSL connection using TLS1.2 / ECDHE_RSA_AES_128_GCM_SHA256
>> *      server certificate verification SKIPPED
>> *      server certificate status verification SKIPPED
>> *      common name: 192.168.0.7 (matched)
>> *      server certificate expiration date OK
>> *      server certificate activation date OK
>> *      certificate public key: RSA
>> *      certificate version: #1
>> *      subject: C...CN=192.168.0.7
>> *      start date: Fri, 24 Apr 2020 07:19:19 GMT
>> *      expire date: Mon, 22 Apr 2030 07:19:19 GMT
>> *      issuer: C...CN=192.168.0.7
>> *      compression: NULL
>> * ALPN, server accepted to use http/1.1
>>> POST / HTTP/1.1
>>> Host: 192.168.0.7:700
>>> User-Agent: curl/7.47.0
>>> Accept: */*
>>> Content-Length: 700
>>> Content-Type: application/x-www-form-urlencoded
>>>
>> * upload completely sent off: 700 out of 700 bytes
>> t<?xml version="1.0" encoding="UTF-8"?>
>> <epp xmlns="urn:ietf:params:xml:ns:epp-1.0" xmlns:xsi="
>> 
http://www.w3.org/2001/XMLSchema-instance"
>> xsi:schemaLocation="urn:ietf:params:xml:ns:epp-1.0 epp-
>> 1.0.xsd"><greeting><svID>EPP server
(DSDng)</svID><svDate>2020-04-
>>
26T15:31:16+06:00</svDate><svcMenu><version>1.0</version><lang>en</la
>> ng><lang>cs</lang><objURI>
>>
http://www.nic.cz/xml/epp/contact-1.6</objURI><objURI>http://ww…
>>>
>> * Connection #0 to host 192.168.0.7 left intact
>>
>>
>> Sincerely, Lem.
>>
>> _______________________________________________
>> fred-users mailing list
>> fred-users(a)lists.nic.cz
>> 
https://lists.nic.cz/mailman/listinfo/fred-users
>
> _______________________________________________
> fred-users mailing list
> fred-users(a)lists.nic.cz
> 
https://lists.nic.cz/mailman/listinfo/fred-users
>
 _______________________________________________
 fred-users mailing list
 fred-users(a)lists.nic.cz
 
https://lists.nic.cz/mailman/listinfo/fred-users 
 _______________________________________________
 fred-users mailing list
 fred-users(a)lists.nic.cz
 
 --
 This message has been scanned for viruses and
 dangerous content by MailScanner, and is
 believed to be clean.