IBM Mainframe Forum Index
 
Log In
 
IBM Mainframe Forum Index Mainframe: Search IBM Mainframe Forum: FAQ Register
 

ZOS Connect EE Vs z/OS client web enablement toolkit


IBM Mainframe Forums -> All Other Mainframe Topics
Post new topic   Reply to topic
View previous topic :: View next topic  
Author Message
srikant314

New User


Joined: 26 Oct 2016
Posts: 5
Location: INDIA

PostPosted: Thu Sep 17, 2020 11:20 pm
Reply with quote

Hi All,

I am currently trying to make a HTTPS call from ZOS.
My organization policy has streamlined ZOS Connect EE as the setup for consuming API . But the infrastructure like WAS server,Gateway will take time. Hence i stumbled upon z/OS client web enablement toolkit as quick win. I was able to make HTTP calls without much of a setup.

My query is if there a downside of using z/OS client web enablement toolkit instead of ZOS connect EE. I will be grateful If someone could help me understand the pros and cons of both ? I will have to present a case to defend usage of z/OS client web enablement toolkit.
Back to top
View user's profile Send private message
pulibhaskar123

New User


Joined: 26 Jan 2024
Posts: 4
Location: United States

PostPosted: Sat Feb 03, 2024 4:51 am
Reply with quote

Hi,

we are trying connect to https endpoints and receiving the error Unable to initialize SSL socket and No SSL cipher specifications reason code 402. I am able to connect to http endpoints and able to get the response. But getting the errors with https calls. Below are the verbose log about the errors.

HWTH SETUP options using are
HWTH-OPT-URI
HWTH-OPT-PORT
HWTH-OPT-COOKIETYPE
HWTH-COOKIETYPE-SESSION
HWTH-SSL-USE
HWTH-OPT-USE-SSL
HWTH-OPT-SSLVERSION
HWTH-SSLVERSION-TLSV12
HWTH-SSLKEYTYPE-KEYRINGNAME
HWTH-OPT-SSLKEYTYPE
HWTH-OPT-SSLKEY
HWTH-OPT-SSLCIPHERSPECS


0000000001 t: HWTH_OPT_VERBOSE has been set to HWTH_VERBOSE_ON
0000000001 t-Entry: iconnImpl
0000000001 t-Entry: initTranslationTables
0000000001 t-Exit: initTranslationTables
0000000001 t: Connecting to Use [URL] BBCode for External Links via port 443
0000000001 t: Attempting to connect to IP address: 142.250.65.228
0000000001 t-Entry: setSocketOptions
0000000001 t-Exit: setSocketOptions
0000000001 t: Connection established using socket: 0
0000000001 t-Entry: checkForTTLS
0000000001 t: ATTLS detection OK: s=0 pol=NO_POLICY
0000000001 t: Socket maps to TTLSRule: (none)
0000000001 t: ATTLS is *not* in effect
0000000001 t-Exit: checkForTTLS
0000000001 t-Entry: initSSLEnv
0000000001 t: Creating a new SSL environment
0000000001 t: Setting user specified SSL protocols
0000000001 t: Disabling the SSLV3 protocol
0000000001 t: Disabling the TLSV1 protocol
0000000001 t: Disabling the TLSV1.1 protocol
0000000001 t: Enabling the TLSV1.2 protocol
0000000001 t: Disabling the TLSV1.3 protocol
0000000001 t: Setting user-defined cipher specs to: 009F
0000000001 t: Setting SSL key database to: xxxxx/xxxxx
0000000001 t-Entry: ignoreSignal
0000000001 t: now ignoring signal: SIGPIPE
0000000001 t-Exit: ignoreSignal
0000000001 t: Invoke gsk_secure_socket_open()
0000000001 t-Entry: restoreSignal
0000000001 t: restoring signal: SIGPIPE
0000000001 t-Exit: restoreSignal
0000000001 t: No applicable peerid.
0000000001 t: hostIsName() is TRUE 'www.google.com'
0000000001 t: Applied SNI extension for 'www.google.com'
0000000001 t-Entry: ignoreSignal
0000000001 t: now ignoring signal: SIGPIPE
0000000001 t-Exit: ignoreSignal
0000000001 t: Invoke gsk_secure_socket_init()
0000000001 t-Entry: restoreSignal
0000000001 t: restoring signal: SIGPIPE
0000000001 t-Exit: restoreSignal
0000000001 t: Unable to initialize SSL socket.
0000000001 t-Entry: error
0000000001 t: An error occurred: No SSL cipher specifications
0000000001 t: Reason code: 402
0000000001 t: Return code: -1
0000000001 t: Service: 22
0000000001 t: Service Instance: 1
0000000001 t-Exit: error
0000000001 t-Entry: setReturnCode
0000000001 t-Exit: setReturnCode
0000000001 t-Entry: ignoreSignal
0000000001 t: now ignoring signal: SIGPIPE
0000000001 t-Exit: ignoreSignal
0000000001 t: Invoke gsk_secure_socket_close()
0000000001 t-Entry: restoreSignal
0000000001 t: restoring signal: SIGPIPE
0000000001 t-Exit: restoreSignal
0000000001 t: Disconnecting new socket due to SSL initialization failure
0000000001 t-Entry: idiscImpl
0000000001 t: Closing socket: 0
0000000001 t-Exit: idiscImpl


Please help me how to resolve the errors. Thanks
Back to top
View user's profile Send private message
vasanthz

Global Moderator


Joined: 28 Aug 2007
Posts: 1742
Location: Tirupur, India

PostPosted: Mon Feb 05, 2024 7:00 pm
Reply with quote

Hello,

You have to open a new topic for this.
Quote:
No SSL cipher specifications reason code 402.


This gives a hint, there is no common cipher algorithms that is common between the client and server.

Ciphers are encryption algorithms,
The client(the system from which you are initiating connection) will have a configuration that says, here are the list of algorithms that I can communicate with.

The server(the system to which you are trying to connect) it will have configuration that says, here are the list of algorithms that server can communicate.

There should be atleast one cipher in common between client and server, else you would get this error.
Back to top
View user's profile Send private message
pulibhaskar123

New User


Joined: 26 Jan 2024
Posts: 4
Location: United States

PostPosted: Wed Feb 07, 2024 9:50 am
Reply with quote

vasanthz wrote:
Hello,

You have to open a new topic for this.
Quote:
No SSL cipher specifications reason code 402.


This gives a hint, there is no common cipher algorithms that is common between the client and server.

Ciphers are encryption algorithms,
The client(the system from which you are initiating connection) will have a configuration that says, here are the list of algorithms that I can communicate with.

The server(the system in which you are trying to connect) it will have configuration that says, here are the list of algorithms that server can communicate.

There should be atleast one cipher in common between client and server, else you would get this error.
Back to top
View user's profile Send private message
pulibhaskar123

New User


Joined: 26 Jan 2024
Posts: 4
Location: United States

PostPosted: Wed Feb 07, 2024 9:51 am
Reply with quote

Thank you
Back to top
View user's profile Send private message
View previous topic :: :: View next topic  
Post new topic   Reply to topic View Bookmarks
All times are GMT + 6 Hours
Forum Index -> All Other Mainframe Topics

 


Similar Topics
Topic Forum Replies
No new posts COBOL ZOS Web Enablement Toolkit HTTP... COBOL Programming 0
No new posts Connect Direct 6.3 for Z/OS All Other Mainframe Topics 20
No new posts Getting TWA in CICS program while con... CICS 14
No new posts PL/1 Callback address logic in z/OS C... PL/I & Assembler 1
No new posts Unable to connect FTP over TLS from z... All Other Mainframe Topics 5
Search our Forums:

Back to Top