Brad Stone wrote: SSL setup really blows on the AS/400.  I've done it a few
> times and every time it seemed to be different.  Best to
> call IBM support for something like this.  I'm sure they're
> getting good at helping.  :)

You've said a mouthful there brother!  I just finished a two week nightmare
of trying to get my SSL stuff working on a setup that has a reverse proxy
server in front of the production server on an LPAR box. What had worked was
putting the SSL Cert on the production server partition , behind the reverse
proxy server partition. Worked great. No problems for about two months.
Then we had multiple power failures on the box in a single morning (due to
outside causes) and when we finally stabilized, SSL no longer worked on the
production partition. After a lot of trial and error (two weeks of it) and
much help from IBM Support, we finally got SSL working again, this time on
the reverse proxy server partition, and not the production server partition.
IBM told me it should never have worked the way I had it set up the first
time and they are at a loss to explain how it had worked for two
months...and why it stopped working.

Gotta love bleeding edge....


Shannon O'Donnell


----- Original Message ----- 
From: "Brad Stone" <brad@xxxxxxxxxxxx>
To: "Web Enabling the AS400 / iSeries" <web400@xxxxxxxxxxxx>
Sent: Thursday, October 23, 2003 9:42 PM
Subject: Re: [WEB400] SSL error codes


> Steve,
>
> Error codes can be found in library QSYSINC (if installed
> on your system) in source PF named H, member SSL.
>
> 3426 I believe is a TCPIP error, and found n member ERRNO.
>  Something about a remote socket was rejected.
>
> I couldn't find 406 in the list of errors for SSL.
>
> Things to check:
>
> The certificate is actually installed in your "store"
> The certificate is "trusted"
> Authority is at least *RX for directories and *R for the
> file itself for *PUBLIC or QTMHHTTP.
>
> SSL setup really blows on the AS/400.  I've done it a few
> times and every time it seemed to be different.  Best to
> call IBM support for something like this.  I'm sure they're
> getting good at helping.  :)
>
> Brad
> www.bvstools.com
>
> On Thu, 23 Oct 2003 12:50:10 -0500
>  "Steve McKay" <steve.mckay@xxxxxxxxxxxxxx> wrote:
> > List -
> >
> > I'm trying to turn on SSL on our Apache HTTP server
> > (V5R2).  I have created
> > a Certificate Store and certificates and have added the
> > certificate created
> > to my browser.  When I attempt to connect to the website
> > using HTTPS, I am
> > getting no response and am getting SSL errors in the
> > Apache error log as
> > follows:
> >
> > ZSRV_MSG0216: Error occurred during SSL processing, error
> > = 406.
> > ZSRV_MSG0252: SSL initialization operation failed, return
> > code error = 3426
> >
> > Where can I find out what these error codes mean?
> >
> > Also, this particular website is protected by an
> > validation list which
> > prompts for username and password.  This is working
> > correctly when using SSL
> > but there is no subsequent page displayed.  If I turn off
> > SSL, I still get
> > challenged for name/password followed by the expected
> > page.
> >
> > TIA,
> >
> > Steve
> >
> >
> >
> > _______________________________________________
> > This is the Web Enabling the AS400 / iSeries (WEB400)
> > mailing list
> > To post a message email: WEB400@xxxxxxxxxxxx
> > To subscribe, unsubscribe, or change list options,
> > visit: http://lists.midrange.com/mailman/listinfo/web400
> > or email: WEB400-request@xxxxxxxxxxxx
> > Before posting, please take a moment to review the
> > archives
> > at http://archive.midrange.com/web400.
> >
>
> Bradley V. Stone
> BVS.Tools
> www.bvstools.com
> _______________________________________________
> This is the Web Enabling the AS400 / iSeries (WEB400) mailing list
> To post a message email: WEB400@xxxxxxxxxxxx
> To subscribe, unsubscribe, or change list options,
> visit: http://lists.midrange.com/mailman/listinfo/web400
> or email: WEB400-request@xxxxxxxxxxxx
> Before posting, please take a moment to review the archives
> at http://archive.midrange.com/web400.
>
>
>
>



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.