View previous topic :: View next topic
|
Author |
Message |
srikant314
New User
Joined: 26 Oct 2016 Posts: 5 Location: INDIA
|
|
|
|
Hi All,
I am currently trying to make a HTTPS call from ZOS.
My organization policy has streamlined ZOS Connect EE as the setup for consuming API . But the infrastructure like WAS server,Gateway will take time. Hence i stumbled upon z/OS client web enablement toolkit as quick win. I was able to make HTTP calls without much of a setup.
My query is if there a downside of using z/OS client web enablement toolkit instead of ZOS connect EE. I will be grateful If someone could help me understand the pros and cons of both ? I will have to present a case to defend usage of z/OS client web enablement toolkit. |
|
Back to top |
|
|
pulibhaskar123
New User
Joined: 26 Jan 2024 Posts: 4 Location: United States
|
|
|
|
Hi,
we are trying connect to https endpoints and receiving the error Unable to initialize SSL socket and No SSL cipher specifications reason code 402. I am able to connect to http endpoints and able to get the response. But getting the errors with https calls. Below are the verbose log about the errors.
HWTH SETUP options using are
HWTH-OPT-URI
HWTH-OPT-PORT
HWTH-OPT-COOKIETYPE
HWTH-COOKIETYPE-SESSION
HWTH-SSL-USE
HWTH-OPT-USE-SSL
HWTH-OPT-SSLVERSION
HWTH-SSLVERSION-TLSV12
HWTH-SSLKEYTYPE-KEYRINGNAME
HWTH-OPT-SSLKEYTYPE
HWTH-OPT-SSLKEY
HWTH-OPT-SSLCIPHERSPECS
0000000001 t: HWTH_OPT_VERBOSE has been set to HWTH_VERBOSE_ON
0000000001 t-Entry: iconnImpl
0000000001 t-Entry: initTranslationTables
0000000001 t-Exit: initTranslationTables
0000000001 t: Connecting to Use [URL] BBCode for External Links via port 443
0000000001 t: Attempting to connect to IP address: 142.250.65.228
0000000001 t-Entry: setSocketOptions
0000000001 t-Exit: setSocketOptions
0000000001 t: Connection established using socket: 0
0000000001 t-Entry: checkForTTLS
0000000001 t: ATTLS detection OK: s=0 pol=NO_POLICY
0000000001 t: Socket maps to TTLSRule: (none)
0000000001 t: ATTLS is *not* in effect
0000000001 t-Exit: checkForTTLS
0000000001 t-Entry: initSSLEnv
0000000001 t: Creating a new SSL environment
0000000001 t: Setting user specified SSL protocols
0000000001 t: Disabling the SSLV3 protocol
0000000001 t: Disabling the TLSV1 protocol
0000000001 t: Disabling the TLSV1.1 protocol
0000000001 t: Enabling the TLSV1.2 protocol
0000000001 t: Disabling the TLSV1.3 protocol
0000000001 t: Setting user-defined cipher specs to: 009F
0000000001 t: Setting SSL key database to: xxxxx/xxxxx
0000000001 t-Entry: ignoreSignal
0000000001 t: now ignoring signal: SIGPIPE
0000000001 t-Exit: ignoreSignal
0000000001 t: Invoke gsk_secure_socket_open()
0000000001 t-Entry: restoreSignal
0000000001 t: restoring signal: SIGPIPE
0000000001 t-Exit: restoreSignal
0000000001 t: No applicable peerid.
0000000001 t: hostIsName() is TRUE 'www.google.com'
0000000001 t: Applied SNI extension for 'www.google.com'
0000000001 t-Entry: ignoreSignal
0000000001 t: now ignoring signal: SIGPIPE
0000000001 t-Exit: ignoreSignal
0000000001 t: Invoke gsk_secure_socket_init()
0000000001 t-Entry: restoreSignal
0000000001 t: restoring signal: SIGPIPE
0000000001 t-Exit: restoreSignal
0000000001 t: Unable to initialize SSL socket.
0000000001 t-Entry: error
0000000001 t: An error occurred: No SSL cipher specifications
0000000001 t: Reason code: 402
0000000001 t: Return code: -1
0000000001 t: Service: 22
0000000001 t: Service Instance: 1
0000000001 t-Exit: error
0000000001 t-Entry: setReturnCode
0000000001 t-Exit: setReturnCode
0000000001 t-Entry: ignoreSignal
0000000001 t: now ignoring signal: SIGPIPE
0000000001 t-Exit: ignoreSignal
0000000001 t: Invoke gsk_secure_socket_close()
0000000001 t-Entry: restoreSignal
0000000001 t: restoring signal: SIGPIPE
0000000001 t-Exit: restoreSignal
0000000001 t: Disconnecting new socket due to SSL initialization failure
0000000001 t-Entry: idiscImpl
0000000001 t: Closing socket: 0
0000000001 t-Exit: idiscImpl
Please help me how to resolve the errors. Thanks |
|
Back to top |
|
|
vasanthz
Global Moderator
Joined: 28 Aug 2007 Posts: 1744 Location: Tirupur, India
|
|
|
|
Hello,
You have to open a new topic for this.
Quote: |
No SSL cipher specifications reason code 402. |
This gives a hint, there is no common cipher algorithms that is common between the client and server.
Ciphers are encryption algorithms,
The client(the system from which you are initiating connection) will have a configuration that says, here are the list of algorithms that I can communicate with.
The server(the system to which you are trying to connect) it will have configuration that says, here are the list of algorithms that server can communicate.
There should be atleast one cipher in common between client and server, else you would get this error. |
|
Back to top |
|
|
pulibhaskar123
New User
Joined: 26 Jan 2024 Posts: 4 Location: United States
|
|
|
|
vasanthz wrote: |
Hello,
You have to open a new topic for this.
Quote: |
No SSL cipher specifications reason code 402. |
This gives a hint, there is no common cipher algorithms that is common between the client and server.
Ciphers are encryption algorithms,
The client(the system from which you are initiating connection) will have a configuration that says, here are the list of algorithms that I can communicate with.
The server(the system in which you are trying to connect) it will have configuration that says, here are the list of algorithms that server can communicate.
There should be atleast one cipher in common between client and server, else you would get this error. |
|
|
Back to top |
|
|
pulibhaskar123
New User
Joined: 26 Jan 2024 Posts: 4 Location: United States
|
|
|
|
Thank you |
|
Back to top |
|
|
|