[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Ftpapi Digest, Vol 121, Issue 6
This will require changing YAJL code. Should this be included in future release of YAJL?
Thanks
Athar
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx
Sent: Tuesday, November 08, 2016 3:07 AM
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: Ftpapi Digest, Vol 121, Issue 6
Send Ftpapi mailing list submissions to
ftpapi@xxxxxxxxxxxxxxxxxxxxxx
To subscribe or unsubscribe via the World Wide Web, visit
http://scottklement.com/mailman/listinfo/ftpapi
or, via email, send a message with subject or body 'help' to
ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx
You can reach the person managing the list at
ftpapi-owner@xxxxxxxxxxxxxxxxxxxxxx
When replying, please edit your Subject line so it is more specific than "Re: Contents of Ftpapi digest..."
Today's Topics:
1. SV: Ftpapi Digest, Vol 121, Issue 2 (Udesen, Peder)
----------------------------------------------------------------------
Message: 1
Date: Tue, 8 Nov 2016 08:06:22 +0000
From: "Udesen, Peder" <Peder.Udesen@xxxxxxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: SV: Ftpapi Digest, Vol 121, Issue 2
Message-ID:
<1CA147068BAF934A9134444B841FB807385DFD06@xxxxxxxxxxxxxxxxxxxxx>
Content-Type: text/plain; charset="iso-8859-1"
Use %float() instead of %dec(). This will solve your problem.
Kind regards
Peder Udesen
-----Oprindelig meddelelse-----
Fra: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] P? vegne af Athar Iqbal
Sendt: 3. november 2016 22:59
Til: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Emne: RE: Ftpapi Digest, Vol 121, Issue 2
Just to add: I am getting character conversion error. Athar
A character representation of a numeric value is in error.
_____________________________________________
From: Athar Iqbal
Sent: Thursday, November 03, 2016 5:54 PM
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: RE: Ftpapi Digest, Vol 121, Issue 2
Hi,
I am using YAJL with HTTPAPI and coming across this issue. Has anyone seen this? Highlighted line is failing due to conversion issue. Value in the node is represented with exponential sign (2.910379E9). STR has value of 2.910379E9 and %dec conversion fails and gives hard error.
Any help will be appreciated.
Thanks
Athar Iqbal
if YAJL_IS_NUMBER(node);
init_gconv();
str = yajl_iconv_toLocal( gConv: nv.number.R );
retval = %dec(%str(str):30:9);
yajl_iconv_string_free(str);
else;
retval = 0;
endif;
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx> [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Wednesday, November 02, 2016 7:20 PM
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Ftpapi Digest, Vol 121, Issue 2
Send Ftpapi mailing list submissions to
ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
To subscribe or unsubscribe via the World Wide Web, visit
http://scottklement.com/mailman/listinfo/ftpapi
or, via email, send a message with subject or body 'help' to
ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi-request@xxxxxxxxxxxxxxxxxxxxxx>
You can reach the person managing the list at
ftpapi-owner@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi-owner@xxxxxxxxxxxxxxxxxxxxxx>
When replying, please edit your Subject line so it is more specific than "Re: Contents of Ftpapi digest..."
Today's Topics:
1. Reading JSON file from IFS (Ron Koontz)
2. Re: hostent - Data structure error? (Scott Klement)
3. Re: Reading JSON file from IFS (Scott Klement)
4. OFF this Topic but interesting (Re: Reading JSON file from
IFS) (bryan dietz)
5. Send credentials with HTTPAPI (Hector gngsd.com)
6. Re: Send credentials with HTTPAPI (Scott Klement)
7. Re: No Matching Cipher Suite. V7.1 (Don Brown)
----------------------------------------------------------------------
Message: 1
Date: Wed, 2 Nov 2016 17:32:51 +0000
From: Ron Koontz <rkoontz@xxxxxxxxx<mailto:rkoontz@xxxxxxxxx>>
To: "'ftpapi@xxxxxxxxxxxxxxxxxxxxxx'" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>>
Subject: Reading JSON file from IFS
Message-ID:
<A3901A7630A35047A231F5877ED86DF51B809C35@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx<mailto:A3901A7630A35047A231F5877ED86DF51B809C35@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>>
Content-Type: text/plain; charset="us-ascii"
Hello,
I'm trying to read a json file and I'm not getting the data to load I don't think.
In the example I'm using the 1st read json example from the website.
I'm using this url to get some json test data : http://headers.jsontest.com/ I used one of my other programs that exports the XML to get this data and saved it to a .json type.
Data looks like this:
{
"X-Cloud-Trace-Context": "d16c514c3b1cc6cc3758a3b41f958f4d/17804618137577403361",
"Host": "headers.jsontest.com",
"User-Agent": "http-api/1.23"
}
I have a JSON file in our IFS called example.json. Simple yes.
Inside the RPG pgm I have:
docNode = yajl_stmf_load_tree( '/tmp/example.json' : errMsg ); if errMsg <> '';
// handle error
endif;
node = YAJL_object_find(docNode: 'success'); result.success = YAJL_is_true(node);
There is nothing in the errMsg however the result.success is '0'. So its like its not loading or something. Any ideas out there?
Just trying to get it to work before I go hog wild on something.
Thanks
Ron
________________________________
The information contained in this e-mail is intended only for the individual or entity to whom it is addressed. Its contents (including any attachments) may contain confidential and/or privileged information. If you are not an intended recipient you shall not use, disclose, disseminate, copy or print its contents. If you receive this e-mail in error, please notify the sender by reply e-mail and delete and destroy the message. Continental Express, Inc. and its subsidiaries and affiliates will not be held liable for the unintended or unauthorized use of any information contained in this email or as a result of any additions or deletions of information originally contained in this email.
-------------- next part --------------
Hello,
I'm trying to read a json file and I'm not getting the data to load I
don't think.
In the example I'm using the 1^st read json example from the website.
I'm using this url to get some json test data :
[1]http://headers.jsontest.com/
I used one of my other programs that exports the XML to get this data
and saved it to a .json type.
Data looks like this:
{
"X-Cloud-Trace-Context":
"d16c514c3b1cc6cc3758a3b41f958f4d/17804618137577403361",
"Host":
"headers.jsontest.com",
"User-Agent":
"http-api/1.23"
}
I have a JSON file in our IFS called example.json. Simple yes.
Inside the RPG pgm I have:
docNode = yajl_stmf_load_tree( '/tmp/example.json' : errMsg );
if errMsg <> '';
// handle error
endif;
node = YAJL_object_find(docNode: 'success');
result.success = YAJL_is_true(node);
There is nothing in the errMsg however the result.success is `0'. So
its like its not loading or something. Any ideas out there?
Just trying to get it to work before I go hog wild on something.
Thanks
Ron
__________________________________________________________________
The information contained in this e-mail is intended only for the
individual or entity to whom it is addressed. Its contents (including
any attachments) may contain confidential and/or privileged
information. If you are not an intended recipient you shall not use,
disclose, disseminate, copy or print its contents. If you receive this
e-mail in error, please notify the sender by reply e-mail and delete
and destroy the message. Continental Express, Inc. and its subsidiaries
and affiliates will not be held liable for the unintended or
unauthorized use of any information contained in this email or as a
result of any additions or deletions of information originally
contained in this email.
References
1. http://headers.jsontest.com/
------------------------------
Message: 2
Date: Wed, 2 Nov 2016 14:53:27 -0400
From: Scott Klement <sk@xxxxxxxxxxxxxxxx<mailto:sk@xxxxxxxxxxxxxxxx>>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>>
Subject: Re: hostent - Data structure error?
Message-ID: <26865537-8dba-1d90-b986-5d388cd3c2b3@xxxxxxxxxxxxxxxx<mailto:26865537-8dba-1d90-b986-5d388cd3c2b3@xxxxxxxxxxxxxxxx>>
Content-Type: text/plain; charset=windows-1252; format=flowed
Frank,
Yes, you're connect. I'm surprised that I never noticed this before
-- I guess I must never have used those two fields!
(The other fields are correct -- since pointer are always aligned on
16 byte boundaries, changing the integers doesn't affect the position of the pointers after them.)
I'll update it in my copy... thanks!
On 11/1/2016 9:43 AM, ffleer@xxxxxxxxxx<mailto:ffleer@xxxxxxxxxx> wrote:
> Hi whoever reads this. Just a minor thing.
> Below data structure should have both int(5) fields defined as int(10)
> I believe.
> With int(5) the gethostbyname API returns 0 for h_addrtype and 2 for
> h_length. When I change the integer fields to int(10) I get resp. 2 and
> 4, the correct values.
> **
> ** #define h_addr h_addr_list[0]
> **
> D p_hostent S *
> D hostent DS Based(p_hostent)
> D h_name *
> D h_aliases *
> D h_addrtype 5I 0
> D h_length 5I 0
> D h_addrlist *
> D p_h_addr S * Based(h_addrlist)
> D h_addr S 10U 0 Based(p_h_addr)
> Best regards,
> Frank Fleer.
>
> __________________________________________________________________
>
> "PLEASE NOTE: The preceding information may be confidential or
> privileged. It only should be used or disseminated for the purpose of
> conducting business with Parker. If you are not an intended recipient,
> please notify the sender by replying to this message and then delete
> the information from your system. Thank you for your cooperation."
>
>
>
> ----------------------------------------------------------------------
> - This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> ----------------------------------------------------------------------
> -
------------------------------
Message: 3
Date: Wed, 2 Nov 2016 14:56:29 -0400
From: Scott Klement <sk@xxxxxxxxxxxxxxxx<mailto:sk@xxxxxxxxxxxxxxxx>>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>>
Subject: Re: Reading JSON file from IFS
Message-ID: <45828c97-2680-c574-fad4-a8b802b08d7d@xxxxxxxxxxxxxxxx<mailto:45828c97-2680-c574-fad4-a8b802b08d7d@xxxxxxxxxxxxxxxx>>
Content-Type: text/plain; charset=windows-1252; format=flowed
Ron,
This question doesn't appear to be related to HTTTPAPI, FTPAPI or WSDL2RPG. Please move it to a different list/forum? This one is for those three projects only.
Your example makes no sense, anyway. Your JSON does not have a field named 'success', so what do you expect will happen when you try to read one from the document?
-SK
On 11/2/2016 1:32 PM, Ron Koontz wrote:
> Hello,
>
> I'm trying to read a json file and I'm not getting the data to load I
> don't think.
>
> In the example I'm using the 1^st read json example from the website.
>
> I'm using this url to get some json test data :
> [1]http://headers.jsontest.com/
>
> I used one of my other programs that exports the XML to get this data
> and saved it to a .json type.
>
> Data looks like this:
>
> {
>
> "X-Cloud-Trace-Context":
> "d16c514c3b1cc6cc3758a3b41f958f4d/17804618137577403361",
>
> "Host":
> "headers.jsontest.com",
>
> "User-Agent":
> "http-api/1.23"
>
> }
>
>
> I have a JSON file in our IFS called example.json. Simple yes.
>
>
> Inside the RPG pgm I have:
>
>
> docNode = yajl_stmf_load_tree( '/tmp/example.json' : errMsg );
>
> if errMsg <> '';
>
> // handle error
>
> endif;
>
>
> node = YAJL_object_find(docNode: 'success');
>
> result.success = YAJL_is_true(node);
>
>
>
> There is nothing in the errMsg however the result.success is `0'. So
> its like its not loading or something. Any ideas out there?
>
>
> Just trying to get it to work before I go hog wild on something.
>
>
> Thanks
>
> Ron
>
>
> __________________________________________________________________
>
> The information contained in this e-mail is intended only for the
> individual or entity to whom it is addressed. Its contents (including
> any attachments) may contain confidential and/or privileged
> information. If you are not an intended recipient you shall not use,
> disclose, disseminate, copy or print its contents. If you receive this
> e-mail in error, please notify the sender by reply e-mail and delete
> and destroy the message. Continental Express, Inc. and its subsidiaries
> and affiliates will not be held liable for the unintended or
> unauthorized use of any information contained in this email or as a
> result of any additions or deletions of information originally
> contained in this email.
>
> References
>
> 1. http://headers.jsontest.com/
>
>
>
> ----------------------------------------------------------------------
> - This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> ----------------------------------------------------------------------
> -
------------------------------
Message: 4
Date: Wed, 2 Nov 2016 16:12:52 -0400
From: bryan dietz <bryandietz@xxxxxxxxx<mailto:bryandietz@xxxxxxxxx>>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>>
Subject: OFF this Topic but interesting (Re: Reading JSON file from
IFS)
Message-ID: <951d3777-b3f3-f44a-b989-363f808e8e2b@xxxxxxxxx<mailto:951d3777-b3f3-f44a-b989-363f808e8e2b@xxxxxxxxx>>
Content-Type: text/plain; charset=windows-1252; format=flowed
sorry to throw this here, but this site had an interesting service to show your IP address.
If you're at V7.1 and DB group 23
SELECT cast(systools.HTTPgetCLOB('http://ip.jsontest.com/','')
as char(30)) AS your_IP_address FROM sysibm.SYSDUMMY1
thanks for indulging me...
Bryan
Ron Koontz wrote on 11/2/2016 1:32 PM:
> Hello,
>
> I'm trying to read a json file and I'm not getting the data to load I
> don't think.
>
> In the example I'm using the 1^st read json example from the website.
>
> I'm using this url to get some json test data :
> [1]http://headers.jsontest.com/
<snip>
------------------------------
Message: 5
Date: Wed, 2 Nov 2016 13:46:58 -0700 (PDT)
From: "Hector gngsd.com" <hguevara@xxxxxxxxx<mailto:hguevara@xxxxxxxxx>>
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Send credentials with HTTPAPI
Message-ID:
<388785087.29586.1478119618865@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx<mailto:388785087.29586.1478119618865@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>>
Content-Type: text/plain; charset="UTF-8"
Hi
I need to connect to a carrier web services to send my package
information and retrieve the tracking number
I am trying with http_url_post_stmf but I don't see a place to send the
user id and password,
where can I get a sample of how to do it
Thank you
Hector Guevara
------------------------------
Message: 6
Date: Wed, 2 Nov 2016 17:25:17 -0400
From: Scott Klement <sk@xxxxxxxxxxxxxxxx<mailto:sk@xxxxxxxxxxxxxxxx>>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>>
Subject: Re: Send credentials with HTTPAPI
Message-ID: <f93831e4-1516-9449-05a4-7bdd901d686a@xxxxxxxxxxxxxxxx<mailto:f93831e4-1516-9449-05a4-7bdd901d686a@xxxxxxxxxxxxxxxx>>
Content-Type: text/plain; charset=windows-1252; format=flowed
Hector,
It depends on how the web service expects the userid/password to be sent.
If they are using the HTTP capabilities (BASIC, DIGEST or NTLM2
authentication) it can be done by calling http_setAuth/http_getAuth.
There are examples in the QRPGLESRC file include with HTTPAPI of using these (search the members named EXAMPLE for getAuth/setAuth)
If they are using another method, one that's not part of HTTP, but is part of the web service data, then you will have to code it into your XML/JSON data. There are a few dozen different options there, so you'll need to research what they are using and how it works and code it yourself, since there is no one standard used by everyone in that case.
-SK
On 11/2/2016 4:46 PM, Hector gngsd.com wrote:
> Hi
>
> I need to connect to a carrier web services to send my package
> information and retrieve the tracking number
>
> I am trying with http_url_post_stmf but I don't see a place to send the
> user id and password,
>
> where can I get a sample of how to do it
>
> Thank you
>
> Hector Guevara
> ----------------------------------------------------------------------
> - This is the FTPAPI mailing list. To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> ----------------------------------------------------------------------
> -
>
------------------------------
Message: 7
Date: Thu, 3 Nov 2016 09:19:48 +1000
From: Don Brown <DBrown@xxxxxxxxxx<mailto:DBrown@xxxxxxxxxx>>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>>
Subject: Re: No Matching Cipher Suite. V7.1
Message-ID:
<OFBE521E93.BA3CA5A3-ON4A25805F.007F599A-4A25805F.008027F8@xxxxxxxxxx<mailto:OFBE521E93.BA3CA5A3-ON4A25805F.007F599A-4A25805F.008027F8@xxxxxxxxxx>>
Content-Type: text/plain; charset="us-ascii"
I had a similar problem and have not solved that problem as the required ciphers are not available at 7.1
I received the table below from IBM
On the next tables are showed the cipher supported by the iseries on R710
If the table get screwed up or lost you can find it at:
http://www.ibm.com/support/knowledgecenter/ssw_ibm_i_71/rzain/rzainciphers.htm
QSSLCSL System Value Representation
TLSv1.2
TLSv1.1
TLSv1.0
SSLv3
SSLv2
*RSA_AES_256_CBC_SHA256
X
*RSA_AES_128_CBC_SHA256
X
*RSA_AES_256_CBC_SHA
X
X
X
*RSA_AES_128_CBC_SHA
X
X
X
*RSA_3DES_EDE_CBC_SHA
X
X
X
X
*RSA_RC4_128_SHA
X
X
X
X
*RSA_RC4_128_MD5
X
X
X
X
X
*RSA_DES_CBC_SHA
X
X
X
*RSA_EXPORT_RC4_40_MD5
X
X
X
*RSA_EXPORT_RC2_CBC_40_MD5
X
X
X
*RSA_NULL_SHA256
X
*RSA_NULL_SHA
X
X
X
X
*RSA_NULL_MD5
X
X
X
X
*RSA_RC2_CBC_128_MD5
X
*RSA_3DES_EDE_CBC_MD5
X
*RSA_DES_CBC_MD5
X
Don Brown
From: Dave Burt <dave.burt@xxxxxxxxxxx<mailto:dave.burt@xxxxxxxxxxx>>
To: "ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>>
Date: 03/11/2016 01:29 AM
Subject: No Matching Cipher Suite. V7.1
Sent by: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx>
The server we are testing on is at 7.1 and at least Tech Refresh 6+. All PTFs that are supposed to allow the TLS1.2 protocols to work are applied.
I have been using HTTPAPI and RPG to call external web services such as leading2lean and service-now. HTTPAPI is at 1.32.
HTTPAPI documentation says it works up to TLS 1.2. (last build 2/2016)
The HTTPS protocol is only handshaking if L2L sets their server to a very "unsecure level" below SSL2. L2L (under special request) has been letting use do it this way for a while. But Eventually, they are going to require at least TLS??
Service-now web service works but I don't know what protocol level they are enforcing.
This command causes the handshake failure:
rc = http_url_post(url:myPointer:dataSize:ifs:HTTP_TIMEOUT:
HTTP_USERAGENT:
'application/x-www-form-urlencoded');
The error message is "SSL Handshake: (GSKit) No compatible cipher suite available"
According to our Sys-Op and an expert at the COMMON conference, our server should be TLS1.2 capable. He thinks it is the application that's Not working. Our ciphers don't exactly match L2Ls by name, but the expert told our Sys-op that doesn't matter??? It doesn't look like we can even do SSL 2.0.
The GSKIT API includes an https_init(application_name, enabled protocols (ssl2.0, ssl3.0,tls1.0,1.1,1.2))
ii = https_init(*blanks:*Off:*ON:
*ON: *ON: *ON);
We also tried creating an application certificate and using that in the program. But no difference. I verified that the https_init returns without the error code set
Our system value for QSSLCSL:
*RSA_AES_128_CBC_SHA256
*RSA_AES_128_CBC_SHA
*RSA_RC4_128_SHA
*RSA_AES_256_CBC_SHA256
*RSA_AES_256_CBC_SHA
*RSA_3DES_EDE_CBC_SHA
*RSA_DES_CBC_SHA
*RSA_EXPORT_RC4_40_MD5
*RSA_EXPORT_RC2_CBC_40_MD5
*RSA_NULL_SHA256
*RSA_NULL_SHA
*RSA_NULL_MD5
*RSA_RC4_128_MD5
QSSLCSLCTL: *USRDFN
QSSLPCL:
Protocols
*TLSV1.2
*TLSV1.1
*TLSV1
*SSLV3
Ciphers L2L says will handshake are:
Cipher Suites (SSL 3+ suites in server-preferred order; deprecated and SSL 2 suites at the end)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp256r1 (eq.
3072 bits RSA) FS 256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq.
3072 bits RSA) FS 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp256r1 (eq.
3072 bits RSA) FS 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH secp256r1 (eq.
3072 bits RSA) FS 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp256r1 (eq. 3072
bits RSA) FS 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp256r1 (eq. 3072
bits RSA) FS 128
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits FS 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) DH 2048 bits FS 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 2048 bits FS
256
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88) DH 2048 bits FS
256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 2048 bits FS 128
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) DH 2048 bits FS 128
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 2048 bits FS
128
TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x9a) DH 2048 bits FS 128
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45) DH 2048 bits FS
128
Thanks in advance for the help.
Dave
***************************************************************
Consider the environment before printing this message.
To read the Companies' Information and Confidentiality Notice, follow this
link:
https://www.autoliv.com/Pages/disclaimer.aspx
***************************************************************
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
-------------- next part --------------
I had a similar problem and have not solved that problem as the
required ciphers are not available at 7.1
I received the table below from IBM
On the next tables are showed the cipher supported by the iseries on
R710
If the table get screwed up or lost you can find it at:
[1]http://www.ibm.com/support/knowledgecenter/ssw_ibm_i_71/rzain/rzainc
iphers.htm
QSSLCSL System Value Representation
TLSv1.2
TLSv1.1
TLSv1.0
SSLv3
SSLv2
*RSA_AES_256_CBC_SHA256
X
*RSA_AES_128_CBC_SHA256
X
*RSA_AES_256_CBC_SHA
X
X
X
*RSA_AES_128_CBC_SHA
X
X
X
*RSA_3DES_EDE_CBC_SHA
X
X
X
X
*RSA_RC4_128_SHA
X
X
X
X
*RSA_RC4_128_MD5
X
X
X
X
X
*RSA_DES_CBC_SHA
X
X
X
*RSA_EXPORT_RC4_40_MD5
X
X
X
*RSA_EXPORT_RC2_CBC_40_MD5
X
X
X
*RSA_NULL_SHA256
X
*RSA_NULL_SHA
X
X
X
X
*RSA_NULL_MD5
X
X
X
X
*RSA_RC2_CBC_128_MD5
X
*RSA_3DES_EDE_CBC_MD5
X
*RSA_DES_CBC_MD5
X
Don Brown
From: Dave Burt <dave.burt@xxxxxxxxxxx<mailto:dave.burt@xxxxxxxxxxx>>
To: "ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>"
<ftpapi@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi@xxxxxxxxxxxxxxxxxxxxxx>>
Date: 03/11/2016 01:29 AM
Subject: No Matching Cipher Suite. V7.1
Sent by: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx<mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx>
__________________________________________________________________
The server we are testing on is at 7.1 and at least Tech Refresh 6+.
All PTFs that are supposed to allow the TLS1.2 protocols to work are
applied.
I have been using HTTPAPI and RPG to call external web services such as
leading2lean and service-now. HTTPAPI is at 1.32.
HTTPAPI documentation says it works up to TLS 1.2. (last build 2/2016)
The HTTPS protocol is only handshaking if L2L sets their server to a
very "unsecure level" below SSL2. L2L (under special request) has been
letting use do it this way for a while. But
Eventually, they are going to require at least TLS??
Service-now web service works but I don't know what protocol level they
are enforcing.
This command causes the handshake failure:
rc = http_url_post(url:myPointer:dataSize:ifs:HTTP_TIMEOUT:
HTTP_USERAGENT:
'application/x-www-form-urlencoded');
The error message is "SSL Handshake: (GSKit) No compatible cipher suite
available"
According to our Sys-Op and an expert at the COMMON conference, our
server should be TLS1.2 capable. He thinks it is the application
that's
Not working. Our ciphers don't exactly match L2Ls by name, but the
expert told our Sys-op that doesn't matter??? It doesn't look like we
can even do SSL 2.0.
The GSKIT API includes an https_init(application_name, enabled
protocols (ssl2.0, ssl3.0,tls1.0,1.1,1.2))
ii = https_init(*blanks:*Off:*ON:
*ON: *ON: *ON);
We also tried creating an application certificate and using that in the
program. But no difference. I verified that the https_init returns
without the error code set
Our system value for QSSLCSL:
*RSA_AES_128_CBC_SHA256
*RSA_AES_128_CBC_SHA
*RSA_RC4_128_SHA
*RSA_AES_256_CBC_SHA256
*RSA_AES_256_CBC_SHA
*RSA_3DES_EDE_CBC_SHA
*RSA_DES_CBC_SHA
*RSA_EXPORT_RC4_40_MD5
*RSA_EXPORT_RC2_CBC_40_MD5
*RSA_NULL_SHA256
*RSA_NULL_SHA
*RSA_NULL_MD5
*RSA_RC4_128_MD5
QSSLCSLCTL: *USRDFN
QSSLPCL:
Protocols
*TLSV1.2
*TLSV1.1
*TLSV1
*SSLV3
Ciphers L2L says will handshake are:
Cipher Suites (SSL 3+ suites in server-preferred order; deprecated and
SSL 2 suites at the end)
TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (0xc030) ECDH secp256r1 (eq.
3072 bits RSA) FS 256
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (0xc02f) ECDH secp256r1 (eq.
3072 bits RSA) FS 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 (0xc028) ECDH secp256r1 (eq.
3072 bits RSA) FS 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 (0xc027) ECDH secp256r1 (eq.
3072 bits RSA) FS 128
TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA (0xc014) ECDH secp256r1 (eq. 3072
bits RSA) FS 256
TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA (0xc013) ECDH secp256r1 (eq. 3072
bits RSA) FS 128
TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 (0x9f) DH 2048 bits FS 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 (0x6b) DH 2048 bits FS 256
TLS_DHE_RSA_WITH_AES_256_CBC_SHA (0x39) DH 2048 bits FS
256
TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA (0x88) DH 2048 bits FS
256
TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 (0x9e) DH 2048 bits FS 128
TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 (0x67) DH 2048 bits FS 128
TLS_DHE_RSA_WITH_AES_128_CBC_SHA (0x33) DH 2048 bits FS
128
TLS_DHE_RSA_WITH_SEED_CBC_SHA (0x9a) DH 2048 bits FS 128
TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA (0x45) DH 2048 bits FS
128
Thanks in advance for the help.
Dave
***************************************************************
Consider the environment before printing this message.
To read the Companies' Information and Confidentiality Notice, follow
this link:
[2]https://www.autoliv.com/Pages/disclaimer.aspx
***************************************************************
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
[3]http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
References
1. http://www.ibm.com/support/knowledgecenter/ssw_ibm_i_71/rzain/rzainciphers.htm
2. https://www.autoliv.com/Pages/disclaimer.aspx
3. http://www.scottklement.com/mailman/listinfo/ftpapi
------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list digest. To unsubscribe, go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
End of Ftpapi Digest, Vol 121, Issue 2
**************************************
DISCLAIMER:
This e-mail is intended for the use of the addressee(s) only and may contain privileged, confidential, or proprietary information that is exempt from disclosure under law. If you are not the intended recipient, please do not read, copy, use or disclose the contents of this communication to others. Please notify the sender that you have received this e-mail in error by replying to the e-mail. Please then delete the e-mail and destroy any copies of it. Thank you.
This email and any files transmitted with it may be confidential and intended solely for the use of the individual or entity to which they are addressed. If you have received this email in error please notify the sender.
------------------------------
-----------------------------------------------------------------------
This is the FTPAPI mailing list digest. To unsubscribe, go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
End of Ftpapi Digest, Vol 121, Issue 6
**************************************
DISCLAIMER:
This e-mail is intended for the use of the addressee(s) only and may contain privileged, confidential, or proprietary information that is
exempt from disclosure under law. If you are not the intended recipient, please do not read, copy, use or disclose the contents of this
communication to others. Please notify the sender that you have received this e-mail in error by replying to the e-mail. Please then
delete the e-mail and destroy any copies of it. Thank you.
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------