[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SSL Rehandshake request from server causing problems...

To: HTTPAPI Mailing List <ftpapi@xxxxxxxxxxxxx>
Subject: RE: SSL Rehandshake request from server causing problems...
From: Scott Klement <klemscot@xxxxxxxxxxxx>
Date: Mon, 18 Oct 2004 12:22:45 -0500 (CDT)
In-reply-to: <A67F795830C2734F8EDAA1E453840DC303C60829@exch2.exch.chsroot>
References: <A67F795830C2734F8EDAA1E453840DC303C60829@exch2.exch.chsroot>
Reply-to: ftpapi@xxxxxxxxxxxxx
Sender: owner-ftpapi@xxxxxxxxxxxxx

Sender: Scott Klement <klemscot@xxxxxxxxxxxx>


Hi Paul,

HTTPAPI uses the IBM Global Secure Toolkit ("GSKit") that comes with
OS/400 in order to do SSL/TLS conversations.

Re-negotiations should be handled automatically and properly by GSKit.
(And, indeed, I haven't had any problems with them.)

If re-negotiations are causing problems, it's probably a bug in GSKit --
and therefore, it's IBM who needs to fix it.  Not a lot I can do about it,
since they didn't give me the source code for it ;)

Aside from making sure that you've got all of the latest SSL related PTFs
installed, all I can suggest it contacting IBM.


On Mon, 18 Oct 2004, Stewart, Paul wrote:
>
> I am on the client side trying to use HTTPAPI to transmit XML using TLS 1.
>
> I am using the command "http_url_post_stmf".
>
> IBM DCM support area looked at Comm and SSL logs and suggested that
> there was a problem on the server side, saying they were requesting an
> SSL rehandshake.
>
> Is there something I need to set up in HTTPAPI to allow my program to
> handle a rehandshake, or should it be handled automatically? Server side
> is using an Apache server. -- An equivalent Post from Internet Explorer
>
> Here is the debug log:
>
>
> HTTPAPI Ver 1.10 released 2004-09-24
>
> https_init(): entered
> http_url_post_stmf(): entered
> getting post file size...
> opening file to be sent...
> opening file to be received
> http_persist_open(): entered
> http_long_ParseURL(): entered
> Protocol Used: TLS Version 1
> http_persist_post(): entered
> http_long_ParseURL(): entered
> do_post(): entered
> POST /efileservices/efileservlet HTTP/1.1
> Host: DestinationUrl.com
> User-Agent: http-api/1.10
> Content-Type: text/xml
> Expect: 100-continue
> Content-Length: 339440
>
>
> recvresp(): entered
> HTTP/1.1 100 Continue
>
>
> SetError() #13: HTTP/1.1 100 Continue
> sendraw(): entered
> <DataService>
>
> ... (I have removed the XML data transmitted)
>
> </DataService>
>
> recvresp(): entered
> (GSKit) Peer not recognized or badly formatted message received.
> ssl_error(415): (GSKit) Peer not recognized or badly formatted message received.
> SetError() #44: CommSSL_read:  read:(GSKit) Peer not recognized or badly formatted message recei
> http_close(): entered
>
> Any ideas?
>
> Thanks,
>
> Paul
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubsribe from the list send mail
to majordomo@xxxxxxxxxxxxx with the body: unsubscribe ftpapi mymailaddr
-----------------------------------------------------------------------

References:
- RE: SSL Rehandshake request from server causing problems...
  - From: Stewart, Paul

Prev by Date: RE: SSL Rehandshake request from server causing problems...
Next by Date: Re: HTTPAPI 1.10 pre 6 := Encoding numbers
Previous by thread: RE: SSL Rehandshake request from server causing problems...
Next by thread: Hi, first question ... HTTPAPI
Index(es):
- Date
- Thread