[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Baffled about Certificates with HTTP API

From: Scott Klement <sk@xxxxxxxxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: Baffled about Certificates with HTTP API
Date: Wed, 30 Jun 2010 12:52:03 -0500

Hi Monte,

The error seems to imply that the SSL code in OS/400 doesn't recognize 
the format of the certificate that's being sent by whomever you're 
connecting to.

You stated that they provided a CA and Client certificate.  You didn't 
explain anything about installing the client cert...  you only described 
your instalation of the CA cert... which makes me wonder if perhaps you 
skipped the client certificate part of the process?

Or maybe you didn't explain that part because you aren't having trouble? 
  not sure.


On 6/29/2010 11:19 AM, Monte T. Schmiege wrote:
>
>     I am trying to establish communications with a banking organization
>     that requires ssl.  They provided certificates, server ca and client.
>     I could not load the server ca without a root ca, which they then
>     provided.  I loaded the root ca and the server ca.  After that, I am
>     guessing.  I created a "client" application and associated it with the
>     two ca's in a trust list.
>
>
>
>     My RPG program references the application in the HTTP_Init, which
>     returns a non-negative return code (good).
>
>
>
>     I issue a http_url_post, as I have in other applications.
>
>
>
>     The error I get is "SSL Handshake: (GSKit) Certificate does not have a
>     valid format."
>
>
>
>     I am clueless about how to make this work.  I've searched the Internet
>     and forum and tried to glean from the examples and source code to no
>     avail.
>
>
>
>     I would be happy for any assistance.
>
>
>
>
>
>     Monte Schmiege
>
>     Senior Web Analyst
>
>     [1]mschmiege@xxxxxxxxxxxxx
>
>     262-626-8609
>
>
>
>     Regal Ware, Inc.
>
>     1675 Reigle Drive
>
>     Kewaskum, WI  53040
>
>
>
>
>
> CONFIDENTIALITY NOTICE: This electronic message transmission contains informati
> on from this organization,
> which may be confidential or privileged. The information is intended for the so
> le use of the individual or
> entity named above. If you are not the intended recipient, be aware that any di
> sclosure, copying, distribution,
> or use of the contents of this information is prohibited. If you have received
> this email in error, please
> notify the sender immediately and delete the original message. Neither the send
> er nor the company for which
> he or she works accepts any liability for any damage caused by any virus transm
> itted by this email.
>
> References
>
>     1. mailto:mschmiege@xxxxxxxxxxxxx
>
>
>
>
> -----------------------------------------------------------------------
> This is the FTPAPI mailing list.  To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> -----------------------------------------------------------------------

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

References:
- Baffled about Certificates with HTTP API
  - From: Monte T. Schmiege

Prev by Date: HTTPAPI novice having (CCSID-related?) trouble with EXAMPLE1
Next by Date: Re: Call to Microsoft .NET Framework executeXML
Previous by thread: Baffled about Certificates with HTTP API
Next by thread: Re: Baffled about Certificates with HTTP API
Index(es):
- Date
- Thread