[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Ftpapi] ssl_error(410): (GSKit) Peer not recognized or badly formatted message received
- From: "Greg Maccia" <gmaccia@xxxxxxxxxxxxx>
- To: "'FTPAPI/HTTPAPI mailing list'" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
- Subject: Re: [Ftpapi] ssl_error(410): (GSKit) Peer not recognized or badly formatted message received
- Date: Tue, 26 Jun 2018 08:19:28 -0400
Since this topic is on TLS
I am running on V6R1 - can I get TLS v1.1 or 1.2 to work with this OS (as I am now getting rejected due to using TLS 1.0)
I am on an older version of LIBHTTP - although I am not sure if this library version has anything to do with these newer TLS errors
Thanks
Greg
-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Scott Klement
Sent: Thursday, October 26, 2017 2:43 PM
To: FTPAPI/HTTPAPI mailing list <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [Ftpapi] ssl_error(410): (GSKit) Peer not recognized or badly formatted message received
Hi Luciano,
HTTPAPI uses the SSL support that is built into the operating system. In this case, the error "Peer not recognized or badly formed message..."
means that it doesn't understand the SSL type/format of the system it's connecting to.
I've received this error when accidentally connecting to a non-SSL site with an https: URL. Since the site wasn't talking SSL, the SSL routines got confused and complained that it was "badly formed".
I've also received this error when connecting to a site where the SSL/TLS was a version that I didn't have on IBM i, or that iI had different ciphers configured than the site used. In those cases, simply configuring the system to use newer versions and/or adding ciphers helped.
-SK
On 10/26/2017 12:52 PM, Luciano Concilio wrote:
> Hi everybody,
>
> On the production server we have OS / 400 V6R1 and HTTPAPI (1.24) and
> WebService consumes without any problems.
>
> On another server we update the OS / 400 to V7R2 with HTTPAPI (1.38)
> and we get the following error only when it is https: Peer not
> recognized or badly formatted message received
>
> Apparently the connection is not established or the certificate can
> not be downloaded from the server to which I want to connect for some
> reason.
>
> We have everything set up as the README.TXT says in the application.
>
>
>
> there is a solution for this bag?
>
> HTTPAPI_DEBUG.TXT:
>
> HTTPAPI Ver 1.38 released 2017-10-09
> NTLM Ver 1.4.0 released 2014-12-22
> OS/400 Ver V7R2M0
>
> https_init(): entered
> SetError() 25: SSL environment was already initialized]
> http_url_post(): entered
> http_persist_open(): entered
> http_long_ParseURL(): entered
> DNS resolver retrans: 2
> DNS resolver retry : 2
> DNS resolver options: x'00000136'
> DNS default domain: GRIMALDIGRASSI.COM.AR
> <http://GRIMALDIGRASSI.COM.AR> DNS server found: 10.0.0.3 DNS server
> found: 10.0.0.4 Nagle's algorithm (TCP_NODELAY) disabled.
> SNI hostname set to: www.siogranos.com.ar
> <http://www.siogranos.com.ar> (GSKit)Peer not recognized or badly formatted message received.
> ssl_error(410): (GSKit) Peer not recognized or badly formatted message
> received.SetError() 30: SSL Handshake: (GSKit) Peer not recognized or
> badly formatted message received.
>
> Thank you in advance.
>
>
>
>
>
--
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi
--
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi