[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Unknown system state during get request

From: "Eric Wasek" <ericw@xxxxxxxxxxxxx>
To: "HTTPAPI and FTPAPI Projects" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Unknown system state during get request
Date: Tue, 7 Dec 2010 18:22:09 -0600
Hello David,

The systems we deal with do not have default certificates associated with 
the *SYSTEM certificate store.  We checked early on to make sure there were 
no default certificates setup by mistake on the system that possesses the 
problem.  We also checked to make sure that the *SYSTEM certificate store 
was set up (I think this would cause a different error if it were not set 
up.).

Thanks for the tip.
Eric

----- Original Message ----- 
From: "David Huls" <dhuls@xxxxxxxxxxxxxxxxxxxx>
To: "HTTPAPI and FTPAPI Projects" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Friday, December 03, 2010 1:27 PM
Subject: RE: Unknown system state during get request


> We were struggling with the dreaded 'Unknown System State' on our 
> development system when using http_url_post_stmf.
> Ended up that the *SYSTEM certificate store had an associated default 
> certificate that had expired. Renewed it and all was fine.
> Our production system has no default certificate associated w/ *SYSTEM and 
> we have never had an issue there
>
> -----Original Message-----
> From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx 
> [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott Klement
> Sent: Monday, November 29, 2010 1:53 PM
> To: HTTPAPI and FTPAPI Projects
> Subject: Re: Unknown system state during get request
>
> hi Eric,
>
> What I can tell you is that HTTPAPI is calling the gsk_secure_soc_init()
> API provided by OS/400.  The API is failing with error code
> GSK_ERROR_IO, and errno is set to EUNKNOWN. That's all the information I
> have about the error at this point.
>
> As the error is occurring during a call to an IBM API, we're left with
> two possibilities:  (1) HTTPAPI is providing bad information to the API.
>  Or (2) The API has a bug.
>
> Unfortunately, "Unknown System State" isn't a lot of information!
>
> I'm curious about your inability to upgrade to the latest HTTPAPI.  You
> say it'll take you several hours -- but I don't understand why.  I would
> like to understand it better so I know how to improve HTTPAPI in the
> future.  What difficulty do you have updating HTTPAPI?
>
> Even if I had a fix for HTTPAPI that solved the problem you encountered,
> I don't see how I could get it to you?  If I issue a new copy of HTTPAPI
> with the fix, you'd be unwilling to install it because of the time it
> takes to update?
>
>
>
> On 11/29/2010 12:58 PM, Eric Wasek wrote:
>>
>>     We use a simple program to send a get request to a server and receive
>>     back information in an IFS file.  But instead of information in a
>>     file, it is getting an error.  Following is the debug information.
>>
>>
>>     HTTPAPI Ver 1.16 released 2006-05-07
>>
>>     New iconv() objects set, ASCII=819. EBCDIC=0
>>
>>     https_init(): entered
>>
>>     -----------------------------------------------------------------
>>
>>     Dump of local-side certificate information:
>>
>>     -----------------------------------------------------------------
>>
>>     http_url_get(): entered
>>
>>     http_persist_open(): entered
>>
>>     http_long_ParseURL(): entered
>>
>>     (GSKit) I/O: Unknown system state.
>>
>>     ssl_error(406): (GSKit) I/O: Unknown system state.
>>
>>     SetError() #30: SSL Handshake: (GSKit) I/O: Unknown system state.
>>
>>
>>     Some of the code from the program is as follows.
>>
>>
>>     C                   CALLP     HTTP_DEBUG(*ON: DBGFILE)
>>
>>     c                   eval      rc = https_init(*BLANKS)
>>
>>     c                   if        rc<  0
>>
>>     c                   eval      msg = http_error(rc)
>>
>>     c                   if        rc = HTTP_NOTREG
>>
>>     c                   exsr      RegisterMe
>>
>>     c                   return
>>
>>     c                   else
>>
>>     c                   dsply                   msg
>>
>>     c                   return
>>
>>     c                   endif
>>
>>     c                   endif
>>
>>     c                   eval      rc = http_url_get(
>>
>>     c                                  UrlText :
>>
>>     c                                  '/tmp/httptest.html')
>>
>>
>>     This code is a modified version of example 3 from Scotts examples. 
>> We
>>     change the UrlText constant to what we use during production and
>>     compile this code on our version 5.1 system and send it to another
>>     remote 5.1 system to test.  It runs correctly on our 5.1 system, but
>>     not on the remote system.  We have been running this get request on
>>     the local system for many years, but it has yet to work on this 
>> remote
>>     system.
>>
>>
>>     We have changed the UrlText constant to perform the get request to 
>> the
>>     Klements site (like in example 3) and it works correctly from both 
>> the
>>     local and remote systems.  So we know that it can work from both the
>>     local and remote systems.  It just does not work from the remote
>>     system with the url needed for the live, production software.
>>
>>
>>     We know that this is a very old version of the programs (1.16).  But
>>     this wonderful old version is working great at several locations.  To
>>     upgrade all of them would require several hours that I do not wish to
>>     use as part of this project unless necessary.  We are only currently
>>     using the basic functions of version 1.16 and do not want to upgrade
>>     until we need to use some more advanced functions.
>>
>>
>>     A search of the archives found some PTFs for 5.4 (while the problem
>>     system is on 5.1) and some Digital Certificate Manager information
>>     that should not affect what we are trying to do.
>>
>>
>>     Any ideas or assistance is appreciated.
>>
>>
>>     Eric Wasek
>>
>>
>>
>>
>> -----------------------------------------------------------------------
>> This is the FTPAPI mailing list.  To unsubscribe, please go to:
>> http://www.scottklement.com/mailman/listinfo/ftpapi
>> -----------------------------------------------------------------------
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list.  To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
> CONFIDENTIALITY NOTICE:  This e-mail and any attachments may contain 
> privileged and/or confidential information. This e-mail is intended solely 
> for the use of the individual or entity to which it is addressed. If you 
> are not the intended recipient of this e-mail, you are hereby notified 
> that reading, copying, disclosing, distributing, disseminating or taking 
> any action in relation to the contents of this e-mail and any of its 
> attachments is strictly prohibited and may be unlawful. If you have 
> received this e-mail in error, please notify the sender immediately and 
> permanently delete the original e-mail and destroy any copies or printouts 
> of this e-mail as well as any attachments.
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list.  To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------
>
> 



-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
References:
- RE: Unknown system state during get request
  - From: David Huls
Prev by Date: gsk_sec_soc_open: (GSKit) Handle is not valid.
Next by Date: Re: gsk_sec_soc_open: (GSKit) Handle is not valid.
Previous by thread: RE: Unknown system state during get request
Next by thread: Re: Unknown system state during get request
Index(es):
- Date
- Thread