How to test my app has accepted cipher suites?

Owned by Former user (Deleted)
Last updated: Feb 09, 2018 by Thomas Sherman (Deactivated)
2 min read

The following test determines whether an application has the appropriate TLS and/or Ciphers to connect to Projector's web services. The test takes place against a special server configured with more restrictive security settings than we currently have in production. These more restrictive security settings will be rolled out later in 2018. A successful connection verifies the application will continue working when we roll out the changes.


  1. Determine if your application uses our new Web Services, legacy Web Services, RESTful web services, or any combination of the three. You can tell if you are using new web services because calls will begin with "PWS". Any service call that does not use "PWS" is a legacy web service. Finally, report web services
    1. New Web Services - Getting Started with Web Services 2.0 - These web services all begin with "PWS".
    2. Legacy Web Services - Getting Started with Web Services - If a web service does not begin with "PWS" it is a legacy web service
    3. RESTful Web Services - Report Web Services - These web services request a URL in the format https://app.projectorpsa.com/report/....
  2. Change the endpoint for your application to the following test endpoints. The endpoints are nearly identical to your typical endpoints, but have "QA" appended.
    1. New Web Services End Point https://secureqa.projectorpsa.com/OpsProjectorWcfSvc/PwsProjectorServices.svc?wsdl
    2. Legacy Web Services End Point https://secureqa.projectorpsa.com/OpsProjectorWebSvc/OpsProjectorSvc.asmx?wsdl
    3. RESTful Web Services
      -edit your RESTful report URL and append ‘qa’ to ‘app’. For example, https://appqa.projectorpsa.com/report/code/
  3. Connect using the following APIs
    1. New Web Services: Execute PwsAuthenicate against the test end point
    2. Legacy Web Services: Execute GetWebServiceUrl against the test end point
    3. RESTful web services: Request a report URL as you normally would. However, as that report won't exist on the QA server, you'll receive a 302 redirect to /Public/Error
  4. Examine the response.
    1. If the connection is successful – you will receive a response that the 
      1. PwsAuthenticate - you'll get a SOAPfault indicating invalid credentials as your user doesn't exist on the test server
      2. GetWebServiceUrl - you'll get an OK response and nothing else
      3. RESTful web services - returns a string or error that the report was not found (as the report does not exist on the test server)
    2. If connection fails -  responses will vary based on the software stack your application uses, but a TLS handshake failure will look similar to this: “An existing connection was forcibly closed by the remote host”

If you encounter a handshake failure, please contact Projector Support and include the date, time, time zone, request XML, and response XML that you encountered testing the web service. You can contact Projector support desk at support@projectorpsa.com or 1-617-431-4111 x1.