[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: (GSKit) Peer not recognized or badly formatted message received.
That is interesting that replacing the https with http might solve the
issue. However, we really need the SSL encrypted communication. This is a
requirement from both our side and the financial vendor. Did I
misunderstand the suggestion? I did verify we are using https, which we
have used for 2.5 years on this connection.
We have not had much movement on this issue today. The IBM engineer was
out of the office today so I am still waiting to hear what they are seeing
in our SSL trace. I did forward Scott K's posted response to the engineer.
One thing the engineer suggested might be causing an issue is a firewall
(ours or theirs). He asked if we could pull out from the firewall for a
moment or two in order to test. This is easier said than done for us, but
may be explored.
One thing we are doing immediately is getting current on our PTFs for V5R4.
The engineer did note in a prior conversation that he saw we were off a
couple PTFs, but did not indicate there was a known issue related.
More on this as I learn more. Thanks everyone.
Anthony Wilson
Direct To Consumer Analyst
Abercrombie & Fitch
Direct: 614.765.4807
Email: anthony_wilson@xxxxxxxxxxxxxxx
From: "Gonchigar, Sunil" <Sunil_Gonchigar@xxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Date: 03/02/2010 01:55 PM
Subject: RE: (GSKit) Peer not recognized or badly formatted message received.
I was getting the same error message. It turned out that I was using
'https' instead of 'http' without the SSL. You might want to try that.
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [
mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of
Anthony_Wilson@xxxxxxxxxxxxxxx
Sent: Monday, March 01, 2010 12:15 PM
To: HTTPAPI and FTPAPI Projects
Subject: Re: (GSKit) Peer not recognized or badly formatted message
received.
I will do that very thing. I will definitely let you all know what comes
out of this.
Anthony Wilson
Direct To Consumer Analyst
Abercrombie & Fitch
Direct: 614.765.4807
Email: anthony_wilson@xxxxxxxxxxxxxxx
From: Scott Klement <sk@xxxxxxxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Date: 03/01/2010 01:07 PM
Subject: Re: (GSKit) Peer not recognized or badly formatted message
received.
Hello Anthony,
Make sure the IBM engineer understands that you are receiving the error
while the application is calling gsk_secure_soc_read() and that you're
receiving error number 410. (GSK_ERROR_BAD_MESSAGE)
I don't know what is causing this error. I haven't encountered it
myself. But, the message seems to be telling you that the OS/400 SSL
routines (GSKit) doesn't understand the format of the SSL message that
was sent to you.
Let us know what you find out
On 2/28/2010 3:46 PM, Anthony_Wilson@xxxxxxxxxxxxxxx wrote:
>
> Hello everyone,
>
> My company has been using HTTPAPI for about 2.5 years. Recently, one of
> our vendors with which we utilize HTTPAPI to perform SSL communication is
> changing to a VeriSign Class 3 Secure Server CA - G2 digital certificate.
> We believed what we needed to do was to install this cert in DCM. This
has
> been completed, but whenever we test run our process, we get the "(GSKit)
> Peer not recognized or badly formatted message received" message.
>
> We have tried everything that our staff and the vendor can think of and
> have found no solution. As a test of eliminating different factors to
find
> the culprit, the vendor temporarily disabled the SSL requirement on their
> test server& then when we ran our process, everything worked. They
> re-enabled the SSL and back to failure.
>
> In the httpapi debug listing we get during the run we see (1) the dump of
> the client-side cert (us), (2) the dump of the server-side cert (vendor)&
> then (3) the following:
>
> Protocol Used: TLS Version 1
> http_persist_post(): entered
> http_long_ParseURL(): entered
> do_post(): entered
> POST /vl/api1c.asp HTTP/1.1
> Host: cat.callit.com
> User-Agent: http-api/1.23
> Content-Type: application/x-www-form-urlencoded
> Expect: 100-continue
> Content-Length: 182
> recvresp(): entered
> (GSKit) Peer not recognized or badly formatted message received.
> ssl_error(410): (GSKit) Peer not recognized or badly formatted message
> received.
> SetError() #44: CommSSL_read: read:(GSKit) Peer not recognized or badly
> formatted message recei
> http_close(): entered
>
> We have contacted IBM and they are in the process of analyzing an SSL
> trace. However, I really could use any education& assistance on this
that
> this group could provide. The SSL is pretty new to me, but I have tried
to
> give myself a very basic understanding of the concepts and how to use
DCM.
>
> Thanks in advance.
>
> Anthony Wilson
> Direct To Consumer Analyst
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------