HTTPD.CONF Error on Script

Discussions related to HTTPAPI (An HTTP Client Package for RPG programming.) http://www.scottklement.com/httpapi/
Post Reply
esmark12
Posts: 2
Joined: Tue Mar 07, 2023 11:39 am

HTTPD.CONF Error on Script

Post by esmark12 »

I have an error on the log file as below. Has anyone encountered this error before?

[Tue Mar 07 13:25:18.073928 2023] [cgi:error] [pid 67979:tid 0000002B] [client 10.144.103.116:61957] ZSRV_MSG0108: Header from script is not valid. Bad header is Verified OK: File name is /QSYS.LIB/T0R3REST.LIB/R3R303MAIN.PGM

My script on httpd.conf is

ScriptAlias /env/QA/system/DSPJWT /QSYS.LIB/T0R3REST.LIB/R3R303MAIN.PGM
<Directory /QSYS.LIB/T0R3REST.LIB>
setenv QIBM_CGI_LIBRARY_LIST "QTEMP;T0R3REST;YAJL;QGPL"
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
SetEnv RSA_PUBLIC_KEY /home/A363323/keys/rs256.pub
Options +ExecCGI
order allow,deny
allow from all
</Directory>


I am trying to test OAUTH authentication for REST API via POSTMAN.
jonboy49
Posts: 200
Joined: Wed Jul 28, 2021 8:18 pm

Re: HTTPD.CONF Error on Script

Post by jonboy49 »

This seems to indicate that the problem seems to be with the headers being set by the program in its response to the inbound request. Since you haven't shown any of the program logic it is hard to say what might be wrong.
esmark12
Posts: 2
Joined: Tue Mar 07, 2023 11:39 am

Re: HTTPD.CONF Error on Script

Post by esmark12 »

Thanks for the reply Jon.

I figured it out. It having a stdout when validating using openSSL.

openSSLCommand = '/QOpenSys/usr/bin/openssl dgst ' +
'-verify ' + %trim(publicKeyPath) + ' ' +
'-keyform PEM -sha' + %subst(JWT.header.alg:3:3) +
' ' +
'-signature ' + %trim(signatureFileName) + ' ' +
'-binary ' + %trim(payloadFileName) + ' ' +
'>/dev/null 2>&1'; that do the fix
Post Reply