I've had to enable port 80 on my AES server because when requesting the wdsl document via a secure (https) connection it specifies the SystemManagementPort soapbind:address as the none secure (http) IP address rather than the secure version. For example;

I request;
https://aesserver.localdomain.local/smsxml/SystemManagementService.wsdl

I get back;

...
<service name="SystemManagementService">
<documentation/>
<port name="SystemManagementPort" binding="tns:SystemManagementBinding">
<soapbind:address location="http://10.0.0.1/smsxml/SystemManagementService.php"/>
</port>
</service>
...

The wsdl also referees to the the insecure IP in the below element;

<import namespace="http://xml.avaya.com/sms" schemaLocation="http://10.0.0.1/smsxml/xsd/models/ModelChoices.xsd"/>

We are running AES SW Version: 6.3.3.0.10-0 and have custom certificates applied.

Any one have any ideas?

I am seeing the same thing on my AE Services. I will have to submit this as a bug to the development team. I am researching a way for you to hotfix this yourself. I tried updating the SystemManagementService.wsdl, but I didn't get the desired results. I will let you know what I find.

Thank you for the response, it's good to know others are having the same issue.

I was told that SMS was designed to always return the non-secure HTTP version of the WSDL. However, there is nothing stopping your client application from editing the returned WSDL to use the secure HTTP.

How odd considering the default setup for AES is for non-secure access to be disabled (well in my experience). Oh well I'll work around it :) thanks for the help.

I attempted to use the WSDL and override the required setting but hit issues with the schemaLocation from the WSDL as this was also insecure and using the IP. Further to that the xsd files all referred to the non-secure IP and felt that having to modify these was just to much. Given this I did some digging on the AES server. I found that the init script for aesvcs (/etc/init.d/aesvcs) seemed to be responsible for generating the WSDL and xsd files so after a little playing I edited it to insert HTTPS and the hostname rather than http and the IP. This fits my needs and while it's unlikely to fit anyone elses (and will probably be broken by updates) i've included it here just in case.

I've only included the bit of the aesvcs init that I edited it should be fairly easy to see where it goes;

        # Create temporary lock file and attempt to create a hard link

        # The hard link fill guarantee that no one has created the file between

        # the if condition and here.

        echo $$ > $SMS_TEMP

        ln $SMS_TEMP $SMS_LOCK > /dev/null 2>&1



        if [ $? -eq 0 ] ; then

            # First check if the server IP has changed and only update if it has.

            USEHOSTNAME=true

            TRANSPORT="https"

            OLDIP=`perl -nle 'while(m/(http:\/\/)(.*?)(\/smsxml\/SystemManagementService.php)/g){print $2} ' /opt/mvap/web/smsxml/SystemManagementService.wsdl`

            OLDTRANSPORT=`perl -nle 'while(m/(http|https)(:\/\/)(.*?)(\/smsxml\/SystemManagementService.php)/g){print $1} ' /opt/mvap/web/smsxml/SystemManagementService.wsdl`

            if $USEHOSTNAME ; then

                SERVERIP=`hostname -f`

            else

                SERVERIP=`hostname -i`

                vIPadd=`/sbin/ifconfig eth0:0 |egrep inet`

                    if [ "$vIPadd" != "" ] &&  [ -f "/etc/sysconfig/network-scripts/ifcfg-eth0:0" ]

                    then

                        SERVERIP=`egrep IPADDR /etc/sysconfig/network-scripts/ifcfg-eth0:0`

                        SERVERIP=${SERVERIP##*=}

                    fi

            fi

            echo $SERVERIP



            if [ "$OLDIP" != "$SERVERIP" ] || [ "$OLDTRANSPORT" != "$TRANSPORT" ]; then

                echo "DOING SOME UPDATING"

                SMS_NOTE_UPDATE="Detected new IP address ($SERVERIP) - updating SMS discovery!"

                logger $0[$$] $SMS_NOTE_UPDATE

                echo $SMS_NOTE_UPDATE



                # Found new IP address update the schema and wsdls

                perl -pi -e "s/(http|https)(:\/)(.*?)(\/sms\/SystemManagementServie.php)/$TRANSPORT\2\/$SERVERIP\4/" /opt/mvap/web/sms/SystemManagementService.wsdl

                perl -pi -e "s/(http|https)(:\/)(.*?)(\/smsxml\/SystemManagementService.php)/$TRANSPORT\2\/$SERVERIP\4/" /opt/mvap/web/smsxml/SystemManagementService.wsdl

                perl -pi -e "s/(schemaLocation=\")(http|https)(:\/)(.*?)(\/smsxml\/xsd\/models)/\1$TRANSPORT\3\/$SERVERIP\5/" /opt/mvap/web/smsxml/xsd/models/*.xsd

                perl -pi -e "s/(schemaLocation=\")(http|https)(:\/)(.*?)(\/smsxml\/xsd\/models)/\1$TRANSPORT\3\/$SERVERIP\5/" /opt/mvap/web/smsxml/SystemManagementService.wsdl

            fi



             # Always remove the lock file

             rm -f $SMS_LOCK

        else

            # Link creation failed, must be someone running concurrently

            SMS_WARN_LN="WARNING - Detected concurrent aesvcs start() execution! (link creation failed) - PID[`cat $SMS_LOCK`]"

            echo $SMS_WARN_LN

        fi

I can edit the USEHOSTNAME variable to set if the hostname of the aes should be used rather than the IP and the TRANSPORT can switch between http or https. As I said it works for me and I have no idea if another part of the aes can also generate the wsdl but so far so good.