[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Problems with HTTPS using HTTP API
Hi Nick,
Looking over the code, I see that if you specify an SSL connection, and
you use a proxy, it'll connect TO THE PROXY using SSL. Is that correct
behavior? I have no idea, I know very little about proxies! Since we
don't actually connect to the destination host (because of the proxy) I
can't see how we could talk SSL to the host... Hmmm...
Does anyone on the list know how SSL and proxies are supposed to interact?
I'm not sure if this is helpful at all, but GSKit error 401 (which is
what your log shows) is message id CPDBC8B on i5/OS. You can use
DSPMSGD CPDBC8B to get a little more detail:
Message . . . . : Peer not recognized or badly formatted message
received.
Cause . . . . . : A Secure Sockets Layer (SSL) record was received
from a
peer which was not recognized, not valid, not expected, or has a
format
which is not supported. Also, the peer system might not have
recognized the
certificate authority which signed the local peer system
certificate.
Recovery . . . : Ensure the client and server are using compatible
protocol
versions of SSL. If the protocol versions are compatible, this may
be a
problem with the remote end points SSL implementation. Also, check
to ensure
that the peer system recognizes the certificate authority which
signed the
local peer system certificate.
Nick Townsend wrote:
> I am trying to consume a web service published by an external supplier
> using HTTP API (version 1.19). I have no problem with a test version
> of the service that does not use HTTPS, but when I try to consume the
> production version of the service which is secure I am getting an
> error 401 (GSK_ERROR_BAD_MESSAGE) from gsk_secure_soc_init() when I
> call http_url_post_raw(). The calls to HTTP API functions in my code
> are as follows:
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------