[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: New Server - Issues calling a Web Service
GSKit is part of the OS...
I'd suggest comparing PTF levels...
iNav will allow you to compare installed PTFs between systems.
Charles
On Fri, Feb 5, 2016 at 11:11 AM, Kim Mitchell
<[1]kmitchell@xxxxxxxxxxxxxxxxxx> wrote:
� �Hi Scott,
� �I'm having an interesting problem. We've migrated from our old
IBM i to
� �a new one, and in doing so have messed up our call to a web
service.
� �Both the old and the new server have HTTPAPI V1.24 installed.
Both the
� �old and the new server are at V7R1. Both the old and new server
are
� �allowing protocols TLSv1.0, TLSv1.1 and TLSv1.2 (we will be
shutting
� �TLSv1.0 down soon).� Certificates that were installed on the
old server
� �have been installed on the new one.
� �We shut down the old server, and started running our calls to
the web
� �service from the new one. Here is the log file from the broken
call:
� �// ***************************** beginning of log file---
� �HTTPAPI Ver 1.24beta11 released 2010-09-09
� �OS/400 Ver V7R1M0
� �http_persist_open(): entered
� �http_long_ParseURL(): entered
� �DNS resolver retrans: 2
� �DNS resolver retry� : 2
� �DNS resolver options: x'00000136'
� �DNS default domain: [2]unitedheritage.com
� �DNS server found: 192.168.30.7
� �DNS server found: 207.170.210.162
� �DNS server found: 168.215.210.50
� �(GSKit) Peer not recognized or badly formatted message
received.
� �ssl_error(410): (GSKit) Peer not recognized or badly formatted
message
� �received.
� �SetError() #30: SSL Handshake: (GSKit) Peer not recognized or
badly
� �formatted message received.
� �------------------------------------------------------------------
-----
� �--------------
� �Dump of server-side certificate information:
� �------------------------------------------------------------------
-----
� �--------------
� �Cert Validation Code = 0
� �(GSKit) An operation which is not valid for the current SSL
session
� �state was attempted.
� �ssl_error(5): (GSKit) An operation which is not valid for the
current
� �SSL session state was attempted.
� �(GSKit) An operation which is not valid for the current SSL
session
� �state was attempted.
� �//*********************** end of log file---
� �Here is the log file from a successful call made on the old
server:
� �// ***************************** beginning of log file---
� �HTTPAPI Ver 1.24beta11 released 2010-09-09
� �OS/400 Ver V7R1M0
� �New iconv() objects set, PostRem=819. PostLoc=0. ProtRem=819.
ProtLoc=0
� �http_persist_open(): entered
� �http_long_ParseURL(): entered
� �DNS resolver retrans: 2
� �DNS resolver retry� : 2
� �DNS resolver options: x'00000136'
� �DNS default domain: [3]unitedheritage.com
� �DNS server found: 192.168.30.7
� �DNS server found: 207.170.210.162
� �DNS server found: 168.215.210.50
� �https_init(): entered
� �------------------------------------------------------------------
-----
� �--------------
� �Dump of local-side certificate information:
� �------------------------------------------------------------------
-----
� �--------------
� �------------------------------------------------------------------
-----
� �--------------
� �Dump of server-side certificate information:
� �------------------------------------------------------------------
-----
� �--------------
� �Cert Validation Code = 0
� �-----BEGIN CERTIFICATE-----
� �///deleted///
� �-----END CERTIFICATE-----
� �Serial Number: ==deleted==
� �Common Name:� ==deleted==
� �Country: US
� �State/Province: New Jersey
� �Locality: Teterboro
� �Org Unit: :� ==deleted==
� �Org: :� ==deleted==
� �Issuer CN: Symantec Class 3 Secure Server CA - G4
� �Issuer Country: US
� �Issuer Org: Symantec Corporation
� �Issuer Org Unit: Symantec Trust Network
� �Version: 3
� �not before: 20150511180000
� �Unknown Field: 18:00:00 11-05-2015
� �not after: 20160522175959
� �Unknown Field: 17:59:59 22-05-2016
� �pub key alg:� ==deleted==
� �Protocol Used: TLS Version 1
� �http_persist_post(): entered
� �http_long_ParseURL(): entered
� �do_oper(POST): entered
� �POST : ==deleted== HTTP/1.1
� �Host: : ==deleted the remainder of the data, as it's PII ==
� �//*********************** end of log file---
� �Is anything glaringly obvious - other than the lack of the
certificate?
� �The certificate is in the DCM. I'm baffled!
� �Thanks for any help you can provide.
� �Kim Mitchell,
� �United Heritage Financial Group
� �Meridian, Idaho
--------------------------------------------------------------------
---
This is the FTPAPI mailing list.� To unsubscribe, please go to:
[4]http://www.scottklement.com/mailman/listinfo/ftpapi
--------------------------------------------------------------------
---
References
1. mailto:kmitchell@xxxxxxxxxxxxxxxxxx
2. http://unitedheritage.com/
3. http://unitedheritage.com/
4. http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------