Hi Dave,

Thanks very much for your reply. What can I tell you? The exact same URL is used in both cases... one (using HTTP) works perfectly and one (using HTTPS) does not.

The certificate is valid and I can review web content (web pages) using SSL without an issue.

The request/response data for the HTTP call looks like the following...

The request/response for the HTTPS call looks like the following...

There is nothing returned using HTTPS except the '403' error.

• The data service isn't enabled on the server.
• The data service doesn't have access to the specified database.

Thanks so much for persisting Dave!

A good tip from your colleague, but a thorough review of the DomDir revealed no issues with the existing Internet Site documents.

I am certainly accessing the exact same server/database with both commands - the only thing different is the protocol.

Funnily enough, web services that I have developed/exposed in the same database (simple Lotusscript agents that return JSON data) work fine when called via HTTPS.

So, this URL works fine...

https://xxx.abc.com.au/web/data.nsf/v1/doThisThing

... but this one does not...

https://xxx.abc.com.au/web/data.nsf/api/data/collections/name/DocsByDate?start=0&count=10

I've also just noticed something that may be a contributing factor here.

When I attempt to access the host root, I ALSO observe a 403 error. So going to https://xxx.abc.com.au, I observe...

Http Status Code: 403
Reason: Unable to process request, directory browsing is not allowed

This is getting even stranger!

It's not that I even want to access the root, but why on Earth would it reply with a 403 error?

The 'Internet Site' document lists the 'default home page' as 'index.html' (a flat HTML page) and going to https://xxx.abc.com.au/index.html works just fine.

I really need to sort this out and will continue my investigations/trials.

I'll let y'all know if I manage to get to the source of the issue.

Cheers!

Hi Terry, I'm brand new to R901, so really have not much idea what I'm doing, but we want to do a similar thing to you, and are coming back with problems as well.

From a database design point of view, I'm checking the cgi field Server_Protocol, and it's reporting HTTP/1.1 every time.  It doesn't matter whether I'm using http or https in the URL.

All our online systems use a similar design method, and we build style sheets and relative links within each system dynamically, so referencing the correct protocol from cgi and using it to build internal links is being done on most pages.

I've looked through the web site document, the admin help, and several other places, and have come up stumped.

Did you ever get to the bottom of your isues?