scottklement.com

IBM i Discussion Forums
https://www.scottklement.com/forums/

HTTPD.CONF Error on Script

https://www.scottklement.com/forums/viewtopic.php?t=262

Page 1 of 1

HTTPD.CONF Error on Script

Posted: Tue Mar 07, 2023 2:31 pm
by esmark12
I have an error on the log file as below. Has anyone encountered this error before?

[Tue Mar 07 13:25:18.073928 2023] [cgi:error] [pid 67979:tid 0000002B] [client 10.144.103.116:61957] ZSRV_MSG0108: Header from script is not valid. Bad header is Verified OK: File name is /QSYS.LIB/T0R3REST.LIB/R3R303MAIN.PGM

My script on httpd.conf is

ScriptAlias /env/QA/system/DSPJWT /QSYS.LIB/T0R3REST.LIB/R3R303MAIN.PGM
<Directory /QSYS.LIB/T0R3REST.LIB>
setenv QIBM_CGI_LIBRARY_LIST "QTEMP;T0R3REST;YAJL;QGPL"
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
SetEnv RSA_PUBLIC_KEY /home/A363323/keys/rs256.pub
Options +ExecCGI
order allow,deny
allow from all
</Directory>

I am trying to test OAUTH authentication for REST API via POSTMAN.

Re: HTTPD.CONF Error on Script

Posted: Tue Mar 07, 2023 4:33 pm
by jonboy49
This seems to indicate that the problem seems to be with the headers being set by the program in its response to the inbound request. Since you haven't shown any of the program logic it is hard to say what might be wrong.

Re: HTTPD.CONF Error on Script

Posted: Wed Mar 08, 2023 2:45 pm
by esmark12
Thanks for the reply Jon.

I figured it out. It having a stdout when validating using openSSL.

openSSLCommand = '/QOpenSys/usr/bin/openssl dgst ' +
'-verify ' + %trim(publicKeyPath) + ' ' +
'-keyform PEM -sha' + %subst(JWT.header.alg:3:3) +
' ' +
'-signature ' + %trim(signatureFileName) + ' ' +
'-binary ' + %trim(payloadFileName) + ' ' +
'>/dev/null 2>&1'; that do the fix
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited