[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: HTTPAPI issue



There are a couple of HIPER for 2/26 regarding SSL implementations. Might have messed things up on latest cum for V7R1. Obviously some are not on the latest cum so good to update those.

If anyone needs TLSv1.2, that is in TR6 but needs to be activated by downloading and applying SI48659 and changing a system value...
https://www.ibm.com/developerworks/ibmi/library/i-system-ssl-ibmi/


-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Steve Bowdoin
Sent: Tuesday, March 05, 2013 10:58 PM
To: 'HTTPAPI and FTPAPI Projects'
Subject: RE: HTTPAPI issue

John

We had an issue with DCM and TELNET after installing TR6.

There is a HIPER for our problem.  Maybe there is one for yours.

Steve Bowdoin


-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx
[mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of John Clark
Sent: Tuesday, March 05, 2013 7:44 AM
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: HTTPAPI issue

We have been using the HTTPAPI stuff for a few years now with no issues.  We
are on 7.1, and recently applied the latest cumm.  Since then, our one
application that uses http_url_get_xml quit working.  I turned debug on, and
listed the log below.  This application is using HTTPS with a digital
certificate.  I checked the certificate, and it is valid until 2015.

If I can provide any other information, let me know.

John

________________________________
HTTPAPI Ver 1.21 released 2007-10-01

New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0
https_init(): entered
----------------------------------------------------------------------------
---------
Dump of local-side certificate information:
----------------------------------------------------------------------------
---------
-----BEGIN CERTIFICATE-----
-----END CERTIFICATE-----
Serial Number: 00:B5
Common Name: Company name
Country: US
E-Mail: support@xxxxxxxxxxx
Issuer CN: Datavantage Corp Signing CA
Issuer Country: US
Issuer State/Province: Ohio
Issuer Locality: Cleveland
Issuer Org: Datavantage Corporation
Issuer Org Unit: SV
Unknown Field: 3
Unknown Field: 20120803170911
Unknown Field: 17:09:11 03-08-2012
Unknown Field: 20150803170911
Unknown Field: 17:09:11 03-08-2015
Unknown Field: 1.2.840.113549.1.1.4

http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 15
DNS resolver retry  : 2
DNS resolver options: x'00001136'
DNS default domain: company.LOCAL
DNS server found: 10.10.3.3
DNS server found: 10.10.3.4
(GSKit) Peer not recognized or badly formatted message received.
ssl_error(415): (GSKit) Peer not recognized or badly formatted message
received.
SetError() #30: SSL Handshake: (GSKit) Peer not recognized or badly
formatted message received.
----------------------------------------------------------------------------
---------
Dump of server-side certificate information:
----------------------------------------------------------------------------
---------
Cert Validation Code = 0
(GSKit) An operation which is not valid for the current SSL session state
was attempted.
ssl_error(5): (GSKit) An operation which is not valid for the current SSL
session state was attempted.
(GSKit) An operation which is not valid for the current SSL session state
was attempted.

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------