[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid

From: Scott Klement <sk@xxxxxxxxxxxxxxxx>
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Re: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
Date: Mon, 15 Aug 2011 09:45:14 -0500

Hello,

The "Handle is not valid" issue is a red herring.  It's a bug in HTTPAPI 
that has already been fixed in the current beta version, and is not 
causing any problems other than a confusing error message.

The important error message in your log is "Key database file was not 
found." That message means that you haven't created the *SYSTEM 
certificate store.



On 8/15/2011 9:06 AM, BBB Rhodes wrote:
>
>     When I took out the HTTPS_INIT, I get the following Error on the first
>     run (log 1).  I then did a second run, just for fun and got a the
>     Handle issue again (log 2).
>
>
>     What should i expect to see in the DCM for the *System certificate
>     store?       Do I have to identify each user profile that will run
>     this process?
>
>
>     Is http_url_post_xml() the right function to being back XML Data file?
>
>
>
>       Log One:
>
>       HTTPAPI Ver 1.23 released
>       2008-04-24
>       OS/400 Ver
>       V6R1M0
>
>
>       New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819.
>       ProtLoc=0
>       http_persist_open():
>       entered
>       http_long_ParseURL():
>       entered
>       DNS resolver retrans:
>       2
>       DNS resolver retry  :
>       2
>       DNS resolver options:
>       x'00000136'
>       DNS default domain: XXXXXX.XXXXXXX.COM
>       DNS server found: 11.200.3.98
>       DNS server found: 11.200.3.99
>       https_init():
>       entered
>       (GSKit) Key database file was not
>       found.
>       ssl_error(202): (GSKit) Key database file was not
>       found.
>       SetError() #24: gsk_env_init: (GSKit) Key database file was not
>       found.
>       -------------------------------------------------------------------
>       --------
>       Dump of local-side certificate
>       information:
>       -------------------------------------------------------------------
>       --------
>       (GSKit) An operation which is not valid for the current SSL session
>       state was attempted.
>       ssl_error(5): (GSKit) An operation which is not valid for the
>       current SSL session state was attempted.
>       (GSKit) An operation which is not valid for the current SSL session
>       state was attempted.
>
>
>       Log Two:
>
>       http_persist_open(): entered
>       http_long_ParseURL(): entered
>       DNS resolver retrans: 2
>       DNS resolver retry  : 2
>       DNS resolver options: x'00000136'
>       DNS default domain: XXXXXX.XXXXXXX.COM
>       DNS server found: 11.200.3.98
>       DNS server found: 11.200.3.99
>       CONNECT zzzzzz.zzzzz.com:443 HTTP/1.1
>       Host: zzzzzz.zzzzz.com HTTP/1.1
>       User-Agent: http-api/1.23
>       Proxy-Connection: keep-alive
>       recvresp(): entered
>       HTTP/1.1 200 Connection established
>       SetError() #13: HTTP/1.1 200 Connection established
>       recvdoc parms: identity 0
>       header_load_cookies() entered
>       (GSKit) Handle is not valid.
>       ssl_error(1): (GSKit) Handle is not valid.
>       SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid.
>
>
>     Thanks,
>     Bryan
>
>     >  From: mkrebs@xxxxxxxxxxxxxxxxxx
>     >  To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
>     >  Date: Fri, 12 Aug 2011 16:00:54 -0500
>     >  Subject: RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not
>     valid
>     >
>     >  The error is coming from the GSK which is the HTTPS/SSL/TLS etc
>     encryption stuff. You start with HTTPs_INIT and in the debug you have:
>     >
>     >  SetError() #35: Application is not registered with DCM!
>     >
>     >  The HTTPS_INIT is not needed for generic SSL support. Unless you
>     have been provided with a special certificate or have created one just
>     for this program, you can remove that line.
>     >
>     >  If you have a special certfificate, see the README in QRPGLESRC.
>     >
>     ----------------------------------------------------------------------
>     -
>     >  This is the FTPAPI mailing list. To unsubscribe, please go to:
>     >  http://www.scottklement.com/mailman/listinfo/ftpapi
>     >
>     ----------------------------------------------------------------------
>     -
>
>
>
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list.  To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Follow-Ups:
- RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
  - From: Mike Krebs
- RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
  - From: BBB Rhodes

References:
- SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
  - From: BBB Rhodes
- RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
  - From: Mike Krebs
- RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
  - From: BBB Rhodes

Prev by Date: RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
Next by Date: RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
Previous by thread: RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
Next by thread: RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
Index(es):
- Date
- Thread