scottklement.com

Posted: **Wed Nov 05, 2025 4:27 pm**

Hi Scott and team,

I hope someone can help me with this - I am using HTTAPI to get to an internal API endpoint which works from from our Development machine but keeps throwing SSL_Error(406) on Production. Here is the log generated from HTTPAPI:

Code: Select all

HTTPAPI Ver 1.49 released 2024-04-16                                                       
NTLM Ver 1.4.0 released 2014-12-22                                                         
OS/400 Ver V7R4M0                                                                          
                                                                                           
New iconv() objects set, PostRem=1208. PostLoc=0. ProtRem=819. ProtLoc=0                   
http_persist_open(): entered                                                               
http_long_ParseURL(): entered                                                              
DNS resolver retrans: 2                                                                    
DNS resolver retry  : 2                                                                    
DNS resolver options: x'00000136'                                                          
DNS default domain: XXXXX.com                                                    
DNS server found: 10.221.224.200                                                           
DNS server found: 10.222.224.200                                                           
DNS server found: 10.223.255.1                                                             
Nagle's algorithm (TCP_NODELAY) disabled.                                                  
SNI hostname set to: internalapi-qa.XXXXX.io                                     
(GSKit) I/O: A connection with a remote socket was reset by that socket.                   
ssl_error(406): (GSKit) I/O: A connection with a remote socket was reset by that socket.   

SetError() #30: SSL Handshake: (GSKit) I/O: A connection with a remote socket was reset by that 
http_close(): entered                                                                           
HTTPAPI Ver 1.49 released 2024-04-16                                                            
NTLM Ver 1.4.0 released 2014-12-22                                                              
OS/400 Ver V7R4M0                                                                               
                                                                                                
http_setauth(): entered

I am thinking it has to do something with the certificates but not exactly sure. I tried using open_ssl command to get the log as well:

Code: Select all

openssl s_client -servername hostname -connect internalapi-qa.XXXXX.io:443         
CONNECTED(00000004)                                                                          
write:errno=73                                                                               
---                                                                                          
no peer certificate available                                                                
---                                                                                          
No client certificate CA names sent                                                          
---                                                                                          
SSL handshake has read 0 bytes and written 314 bytes                                         
Verification: OK                                                                             
---                                                                                          
New, (NONE), Cipher is (NONE)                                                                
Secure Renegotiation IS NOT supported                                                        
Compression: NONE                                                                            
Expansion: NONE                                                                              
No ALPN negotiated                                                                           
Early data was not sent             
Verify return code: 0 (ok)          
---

However - this same SSL command returns full Certificate chain in Dev Machine.

Posted: **Fri Nov 07, 2025 6:27 pm**

For some reason, an error is occurring during SSL negotiation. It appears to be happening with both HTTPAPI and openssl, which tells me that the problem is on the server, not in HTTPAPI.

IT doesn't say what the error is... only that the connection is reset. So for some reason, it is disconnecting. It doesn't say why.

If this server isn't working for anyone, I'd suggest resetting the SSL setup and starting it over.

Posted: **Fri Nov 07, 2025 9:13 pm**

Hi Scott,

Thank you so much for your response. Everything works fine from our Development Machine and we get a successful response back. The issue is only with production machine. I am working with the network team to troubleshoot the issue.

Thanks

scottklement.com

Question on ssl_error(406)

Question on ssl_error(406)

Re: Question on ssl_error(406)

Re: Question on ssl_error(406)