[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: HTTPAPI Unknown protocol
Hello Bob,
When HTTPAPI creates it's debug log, it tries to come up with a "human
readable" description of the SSL protocol used, so it looks nice in the
log. Since you are on a newer release that supports more modern SSL,
you have a version of SSL that hasn't been coded into HTTPAPI.
However, the only affect that this will have is that HTTPAPI will print
"unknown protocol" in the debug log. Aside from that (which really
doesn't matter much, since only us techies will see it) everything
should work just fine.
And, indeed, I can see in your debug log that SSL is working, and data
is being successfully exchanged with the HTTP server you are
communicating with.
So... are you having any problems that we could assist with? Or are
you just letting us know about this minor debug log issue?
-SK
On 9/11/2014 10:37 AM, [1]robert.e.leroux@xxxxxxxxxxxxx wrote:
We have encountered an error using HTTPAPI on an SSL connection from a
V7R2 system - it works on a V7R1 system. The error is:
SetError() #49: SSL_protocol: Unknown protocol 596
Looking at the code, it appears that protocol value of 596 is not
defined in the HTTPAPI service program. I tried using openssl from QSH
as follows to see if I could verify my environment:
V7R2 system
openssl version
OpenSSL 1.0.1g 7 Apr 2014
V7R1 system
openssl version
OpenSSL 0.9.8y 5 Feb 2013
Using openssl again, I found I am using TLSv1.2 on the V7R2 system, and
TLSv1 on the V7R1 system:
openssl s_client -connect xxxxxxx.com:443
I think the area to look at is:
Service program HTTPAPIR4
Module COMMSSLR4
procedure SSL_protocol tries to get the human-readable protocol name or
returns '' upon error
procedure gsk_attribute_get_enum is used to do this
This is defined in member GSKSSL_H
enum GSK_ENUM_VALUE_T includes values for various protocols, e.g.
GSK_PROTOCOL_USED_TLSV1 = 520, which is what I see returned in the V7R1
version. But, we are getting a value of 596,
which is not defined - this message appears:
SetError() #49: SSL_protocol: Unknown protocol 596
1. Is 596 a new V7R2 value for the protocol that needs to be
added, possibly to go along with the reported TLSv1.2 value?
2. Is the program not reading the protocol correctly, so 596 is
not really what should be evaluated?
3. Is it more likely that this is an HTTPAPI issue, an SSL issue,
or an IBM PTF issue?
4. Is anyone successfully using HTTPAPI with V7R2?
5. Can anyone offer any other suggestions?
For your reference, we execute the command as follows:
HTTPAPI URL('xxxxx')
DOWNLOAD('/tmp/download.txt')
REQTYPE(*POST)
UPLOAD('/xxxxx.xml')
TYPE('text/xml; charset=utf-8')
USER('xxxxx')
PASS('xxxxx')
REDIRECT(*YES)
DEBUG('TransactLog.txt')
COOKIES(*NONE)
I have included the resulting debug file here, masking details like
company name, IP address, etc.:
-----------------------------------------------------------------------
---------------------
HTTPAPI Ver 1.24 released 2012-01-23
OS/400 Ver V7R2M0
http_setauth(): entered
http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: acnms.com
DNS server found: 999.999.999.999
DNS server found: 999.999.999.999
--------------------------------------------
Dump of server-side certificate information:
---------------------------------------------
Cert Validation Code = 0
-----BEGIN CERTIFICATE-----
...certificate info...
-----END CERTIFICATE-----
Serial Number: 01:F3:A1
Common Name: *.xxxxx.com
Country: US
State/Province: xxxxx
Locality: xxxxx
Org Unit: xxxxx, Inc.
Org: J2EE
Issuer CN: GeoTrust SSL CA
Issuer Country: US
Issuer Org: GeoTrust, Inc.
Version: 3
Version:
3
not before: 20130115134552
Unknown Field: 13:45:52
15-01-2013
not after:
20150303195819
Unknown Field: 19:58:19
03-03-2015
pub key alg:
1.2.840.113549.1.1.1
signature algorithm:
1.2.840.113549.1.1.5
Unknown Field:
0382010F003082010A0282010100C7EA672FFE18B89DE469432CD4206A30CBE6E
Unknown Field:
2048
Unknown Field:
A25662550CC56FAED343E0EEC28243ED
Unknown Field:
1.2.840.113549.2.5
Unknown Field:
0C478967BEFDB7F2743F20CF6520B0DCCF8A86EB
Unknown Field:
AA1E113D7FA827B396B76D3DC61EA2E9954E61AF29F07852DE20336309BDE414
Unknown Field:
13
Unknown Field:
*.xxxxx.com
Unknown Field: *.xxxxx.com
Unknown Field: 0
Unknown Field: 1.3.6.1.5.5.7.3.2
Unknown Field: 1.3.6.1.5.5.7.3.1
Unknown Field: 2.16.840.1.113733.1.7.54
SetError() #49: SSL_protocol: Unknown protocol 596
Protocol Used:
http_persist_post(): entered
http_persist_req(POST) entered.
http_long_ParseURL(): entered
do_oper(POST): entered
There are 1 cookies in the cache
POST /ME_PartsOrderingSVCWeb/sca/PartsOrderingInterfaceExport HTTP/1.1
Host: xxxxx.com
Host: xxxxx.com
User-Agent: http-api/1.24
Content-Type: text/xml;
charset=utf-8
Content-Length:
2662
Authorization: Basic
cGFydHNPcmRlcmluZ1dTOUFGVDpGOEI5VzYtaDh6MnY1
Cookie: $Version=0;
LtpaToken2=QLMkTy435k7jqy9SuGzbTuEcQUuLV8p9D9kHvyMP0TqIsyxmX
sendraw():
entered
<soapenv:Envelope
xmlns:soapenv=[2]"http://schemas.xmlsoap.org/soap/envelope/">...
</soapenv:Body></soapenv:Envelope>
recvresp():
entered
HTTP/1.1 200
OK
X-Backside-Transport: OK OK,OK OK,OK
OK
Connection:
Keep-Alive
Transfer-Encoding:
chunked
X-Powered-By:
Servlet/3.0
Content-Type: text/xml
Content-Language:
en-US
Set-Cookie:
LtpaToken2=DNlZr90rnFtSojSB8Ap/4LcULN0IY1+jSLc3TKIDzWqrT8gQPJtkw7jeO...
; Path=/; HttpOnly
Date: Thu, 11 Sep 2014 14:49:51 GMT
Server: WebSphere Application
Server/8.0
Expires: Thu, 01 Dec 1994 16:00:00
GMT
Cache-Control: no-cache="set-cookie, set-cookie2"
X-Client-IP: 127.0.0.1,127.0.0.1,
999.999.999.999
X-Archived-Client-IP:
127.0.0.1,127.0.0.1,127.0.0.1
SetError() #13: HTTP/1.1 200
OK
recvresp(): end with
200
recvdoc parms: chunked
0
header_load_cookies()
entered
cookie_parse()
entered
cookie =
LtpaToken2=DNlZr90rnFtSojSB8Ap/4LcULN0IY1+jSLc3TKIDzWqrT8gQPJtkw7jeOPj
cookie attr
LtpaToken2=DNlZr90rnFtSojSB8Ap/4LcULN0IY1+jSLc3TKIDzWqrT8gQPJtkw7jeO
cookie attr Path=/
cookie attr
HttpOnly=
recvchunk():
entered
get_chunk_size(): entered
650
chunk size = 1616
get_chunk_size returned
1616
calling
comm_blockread
<?xml version="1.0" encoding="UTF-8"?> <soapenv:Envelope ....
</soapenv:Body></soapenv:Envelope>
comm_blockread returned
1616
get_chunk_size():
entered
0
chunk size =
0
get_chunk_size returned
0
http_close():
entered
-----------------------------------------------------------------------
---------------------
Thanks in advance.
Bob Leroux
__________________________________________________________________
This message is for the designated recipient only and may contain
privileged, proprietary, or otherwise confidential information. If you
have received it in error, please notify the sender immediately and
delete the original. Any other use of the e-mail by you is prohibited.
Where allowed by local law, electronic communications with Accenture
and its affiliates, including e-mail and instant messaging (including
content), may be scanned by our systems for the purposes of information
security and assessment of internal compliance with Accenture policy.
_______________________________________________________________________
_______________
[3]www.accenture.com
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
[4]http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
References
1. mailto:robert.e.leroux@xxxxxxxxxxxxx
2. http://schemas.xmlsoap.org/soap/envelope/
3. http://www.accenture.com/
4. http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------