1.  Home
  2. MIDRANGE-L
  3. April 2022

Re: Use of HTTP_POST resulting in GSKit Error is 6000 - Certificate is not signed by a trusted certificate authority.

you need to export the CA chain and import them in to DCM. Here's a link
to some docs that have steps:

https://docs.bvstools.com/home/ssl-documentation.

This is a case where if you used HTTPAPI or GETURI you'd have the option to
NOT import the CAs as they both have methods to bypass "not trusted"
errors.

On Thu, Apr 14, 2022 at 7:08 AM Rob Berendt <rob@xxxxxxxxx> wrote:

I am trying an example I saw in a Tim Rowe & Scott Forstie example to send
a text message from IBM i using SQL. Basically it goes like this:
values QSYS2.HTTP_POST(
'https://api.twilio.com/2010-04-01/Accounts/AC<redacted>/Messages.json',
cast(
'&To=+12605551212' concat
'&From=+12675551212' concat
'&Body=Sample Text ' as varchar(855)),
'{"basicAuth":"AC<redacted>,<redacted>",
"header":"content-type,application/x-www-form-urlencoded"}');

However I am getting
SQL State: 38501
Vendor Code: -443
Message: [SQL0443] AXISC ERROR : HTTPTransportException: Cannot
initialize a channel to the remote end.
Failed to establish SSL connection to server, the operation
gsk_secure_soc_init() failed.
GSKit Error is 6000 - Certificate is not signed by a trusted certificate
authority.

Coworker suggested this link:
https://www.ibm.com/docs/en/i/7.4?topic=programming-http-functions-overview
Basically it looks like either I figure out the certificate issues and put
them into DCM or run the script at this site and create a new store and
always specify this store when running any https type service .


I looked at twilio's site. I see this chain:
DigiCert
-DigiCert TLS RSA SHA256 2020 CA1
--*.twilio.com
Do I perform actions based on this chain? Or do I just do that script on
Knowledge Center?

Rob Berendt
--
IBM Certified System Administrator - IBM i 6.1
Group Dekko
Dept 1600
Mail to: 7310 Innovation Blvd, Suite 104
Ft. Wayne, IN 46818
Ship to: 7310 Innovation Blvd, Dock 9C
Ft. Wayne, IN 46818
http://www.dekko.com

--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com


As an Amazon Associate we earn from qualifying purchases.

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.