[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

New Server - Issues calling a Web Service

From: Kim Mitchell <kmitchell@xxxxxxxxxxxxxxxxxx>
To: "ftpapi@xxxxxxxxxxxxxxxxxxxxxx" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: New Server - Issues calling a Web Service
Date: Fri, 5 Feb 2016 16:11:26 +0000

   Hi Scott,


   I'm having an interesting problem. We've migrated from our old IBM i to
   a new one, and in doing so have messed up our call to a web service.
   Both the old and the new server have HTTPAPI V1.24 installed. Both the
   old and the new server are at V7R1. Both the old and new server are
   allowing protocols TLSv1.0, TLSv1.1 and TLSv1.2 (we will be shutting
   TLSv1.0 down soon).  Certificates that were installed on the old server
   have been installed on the new one.


   We shut down the old server, and started running our calls to the web
   service from the new one. Here is the log file from the broken call:


   // ***************************** beginning of log file---

   HTTPAPI Ver 1.24beta11 released 2010-09-09

   OS/400 Ver V7R1M0


   http_persist_open(): entered

   http_long_ParseURL(): entered

   DNS resolver retrans: 2

   DNS resolver retry  : 2

   DNS resolver options: x'00000136'

   DNS default domain: unitedheritage.com

   DNS server found: 192.168.30.7

   DNS server found: 207.170.210.162

   DNS server found: 168.215.210.50

   (GSKit) Peer not recognized or badly formatted message received.

   ssl_error(410): (GSKit) Peer not recognized or badly formatted message
   received.

   SetError() #30: SSL Handshake: (GSKit) Peer not recognized or badly
   formatted message received.

   -----------------------------------------------------------------------
   --------------

   Dump of server-side certificate information:

   -----------------------------------------------------------------------
   --------------

   Cert Validation Code = 0

   (GSKit) An operation which is not valid for the current SSL session
   state was attempted.

   ssl_error(5): (GSKit) An operation which is not valid for the current
   SSL session state was attempted.

   (GSKit) An operation which is not valid for the current SSL session
   state was attempted.


   //*********************** end of log file---


   Here is the log file from a successful call made on the old server:


   // ***************************** beginning of log file---


   HTTPAPI Ver 1.24beta11 released 2010-09-09

   OS/400 Ver V7R1M0


   New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819. ProtLoc=0

   http_persist_open(): entered

   http_long_ParseURL(): entered

   DNS resolver retrans: 2

   DNS resolver retry  : 2

   DNS resolver options: x'00000136'

   DNS default domain: unitedheritage.com

   DNS server found: 192.168.30.7

   DNS server found: 207.170.210.162

   DNS server found: 168.215.210.50

   https_init(): entered

   -----------------------------------------------------------------------
   --------------

   Dump of local-side certificate information:

   -----------------------------------------------------------------------
   --------------

   -----------------------------------------------------------------------
   --------------

   Dump of server-side certificate information:

   -----------------------------------------------------------------------
   --------------

   Cert Validation Code = 0

   -----BEGIN CERTIFICATE-----

   ///deleted///

   -----END CERTIFICATE-----

   Serial Number: ==deleted==

   Common Name:  ==deleted==

   Country: US

   State/Province: New Jersey

   Locality: Teterboro

   Org Unit: :  ==deleted==
   Org: :  ==deleted==

   Issuer CN: Symantec Class 3 Secure Server CA - G4

   Issuer Country: US

   Issuer Org: Symantec Corporation

   Issuer Org Unit: Symantec Trust Network

   Version: 3

   not before: 20150511180000

   Unknown Field: 18:00:00 11-05-2015

   not after: 20160522175959

   Unknown Field: 17:59:59 22-05-2016

   pub key alg:  ==deleted==


   Protocol Used: TLS Version 1

   http_persist_post(): entered

   http_long_ParseURL(): entered

   do_oper(POST): entered

   POST : ==deleted== HTTP/1.1

   Host: : ==deleted the remainder of the data, as it's PII ==


   //*********************** end of log file---


   Is anything glaringly obvious - other than the lack of the certificate?
   The certificate is in the DCM. I'm baffled!


   Thanks for any help you can provide.


   Kim Mitchell,

   United Heritage Financial Group

   Meridian, Idaho

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Follow-Ups:
- Re: New Server - Issues calling a Web Service
  - From: Charles Wilt

Prev by Date: Re: http_url_get
Next by Date: RE: New Server - Issues calling a Web Service
Previous by thread: Fw: important message
Next by thread: Re: New Server - Issues calling a Web Service
Index(es):
- Date
- Thread