[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid
Scott,
I have a meeting with our iSeries Admin to day. Can I get a snap
shot of what the *System Certificate Store looks like.
Should we be using the HTTP beta version,
If so where can we find it? Is it on your web site?
If not, when I get the *system Certificate Store setup
correctly will the debug still note the Handle issue and continue
on with our retrieval?
Thanks in advance;
Bryan
> Date: Mon, 15 Aug 2011 09:45:14 -0500
> From: sk@xxxxxxxxxxxxxxxx
> To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
> Subject: Re: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not
valid
>
> Hello,
>
> The "Handle is not valid" issue is a red herring. It's a bug in
HTTPAPI
> that has already been fixed in the current beta version, and is not
> causing any problems other than a confusing error message.
>
> The important error message in your log is "Key database file was
not
> found." That message means that you haven't created the *SYSTEM
> certificate store.
>
>
>
> On 8/15/2011 9:06 AM, BBB Rhodes wrote:
> >
> > When I took out the HTTPS_INIT, I get the following Error on the
first
> > run (log 1). I then did a second run, just for fun and got a the
> > Handle issue again (log 2).
> >
> >
> > What should i expect to see in the DCM for the *System certificate
> > store? Do I have to identify each user profile that will run
> > this process?
> >
> >
> > Is http_url_post_xml() the right function to being back XML Data
file?
> >
> >
> >
> > Log One:
> >
> > HTTPAPI Ver 1.23 released
> > 2008-04-24
> > OS/400 Ver
> > V6R1M0
> >
> >
> > New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819.
> > ProtLoc=0
> > http_persist_open():
> > entered
> > http_long_ParseURL():
> > entered
> > DNS resolver retrans:
> > 2
> > DNS resolver retry :
> > 2
> > DNS resolver options:
> > x'00000136'
> > DNS default domain: XXXXXX.XXXXXXX.COM
> > DNS server found: 11.200.3.98
> > DNS server found: 11.200.3.99
> > https_init():
> > entered
> > (GSKit) Key database file was not
> > found.
> > ssl_error(202): (GSKit) Key database file was not
> > found.
> > SetError() #24: gsk_env_init: (GSKit) Key database file was not
> > found.
> >
-------------------------------------------------------------------
> > --------
> > Dump of local-side certificate
> > information:
> >
-------------------------------------------------------------------
> > --------
> > (GSKit) An operation which is not valid for the current SSL
session
> > state was attempted.
> > ssl_error(5): (GSKit) An operation which is not valid for the
> > current SSL session state was attempted.
> > (GSKit) An operation which is not valid for the current SSL
session
> > state was attempted.
> >
> >
> > Log Two:
> >
> > http_persist_open(): entered
> > http_long_ParseURL(): entered
> > DNS resolver retrans: 2
> > DNS resolver retry : 2
> > DNS resolver options: x'00000136'
> > DNS default domain: XXXXXX.XXXXXXX.COM
> > DNS server found: 11.200.3.98
> > DNS server found: 11.200.3.99
> > CONNECT zzzzzz.zzzzz.com:443 HTTP/1.1
> > Host: zzzzzz.zzzzz.com HTTP/1.1
> > User-Agent: http-api/1.23
> > Proxy-Connection: keep-alive
> > recvresp(): entered
> > HTTP/1.1 200 Connection established
> > SetError() #13: HTTP/1.1 200 Connection established
> > recvdoc parms: identity 0
> > header_load_cookies() entered
> > (GSKit) Handle is not valid.
> > ssl_error(1): (GSKit) Handle is not valid.
> > SetError() #29: gsk_sec_soc_open: (GSKit) Handle is not valid.
> >
> >
> > Thanks,
> > Bryan
> >
> > > From: mkrebs@xxxxxxxxxxxxxxxxxx
> > > To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
> > > Date: Fri, 12 Aug 2011 16:00:54 -0500
> > > Subject: RE: SetError() #29: gsk_sec_soc_open: (GSKit) Handle is
not
> > valid
> > >
> > > The error is coming from the GSK which is the HTTPS/SSL/TLS etc
> > encryption stuff. You start with HTTPs_INIT and in the debug you
have:
> > >
> > > SetError() #35: Application is not registered with DCM!
> > >
> > > The HTTPS_INIT is not needed for generic SSL support. Unless you
> > have been provided with a special certificate or have created one
just
> > for this program, you can remove that line.
> > >
> > > If you have a special certfificate, see the README in QRPGLESRC.
> > >
> >
----------------------------------------------------------------------
> > -
> > > This is the FTPAPI mailing list. To unsubscribe, please go to:
> > > http://www.scottklement.com/mailman/listinfo/ftpapi
> > >
> >
----------------------------------------------------------------------
> > -
> >
> >
> >
> >
> >
----------------------------------------------------------------------
-
> > This is the FTPAPI mailing list. To unsubscribe, please go to:
> > http://www.scottklement.com/mailman/listinfo/ftpapi
> >
----------------------------------------------------------------------
-
>
>
----------------------------------------------------------------------
-
> This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
>
----------------------------------------------------------------------
-
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------