× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. September 2015

Re: What can cause an app using SSL to fail breifly for short window, 2 minutes.

Paul,

I've not heard of something that would cause SSL, specifically, to temporarily stop working.

The "Read timed out" message seems to imply that the network itself stopped responding. Hiccups like that do happen... if that happened during an SSL handshake, it could certainly foul things up. The timeout period in an SSL handshake is not a fixed number. Whomever wrote the code that calls the GSKit APIs can change the timeout value. You should discuss this with whomever is providing you with this software. (If this is software that you have written internally, let me know and I'll see if I can find the appropriate details -- but I get the impression that you didn't write this yourself.)

The error messages that say "Peer not recognized" usually occur due to someone attempting to connect to an SSL server with a plain text (or otherwise non-SSL) client. At least, that has been the most common cause in my experience.

-SK



On 9/2/2015 2:35 PM, Steinmetz, Paul wrote:

What can cause an app using SSL to fail briefly for short window, 2 minutes?
We see SSL failure message in both the iSeries app log and the remote server log.

Remote server log
MessageProtocolFTCP2:Send status: false IOExceptionRead timed out

iSeries App log
Exception=communication error with gateway connection SystemException_1{#0,Key=null,ReturnCod

[02 04:04:52.029] ERROR MSMASYNC: msm_listener: 21: -->
+ failed to gsk_secure_soc_init on 8604, rc=415 error=Peer not recognized or bad
+ ly formatted message received., rejecting this non-SSL connection

02 04:06:50.949] ERROR MSMASYNC: msm_listener: 21: -->
failed to gsk_secure_soc_init on 8604, rc=415 error=Peer not recognized or bad
ly formatted message received., rejecting this non-SSL connection

If an SSL handshake doesn't compete in x amount of time, could this be the cause of the issue?
How long is X?
2 minutes?

Where or how would one start to try and troubleshoot this issue?

Thank You
_____
Paul Steinmetz
IBM i Systems Administrator

Pencor Services, Inc.
462 Delaware Ave
Palmerton Pa 18071

610-826-9117 work
610-826-9188 fax
610-349-0913 cell
610-377-6012 home

psteinmetz@xxxxxxxxxx
http://www.pencor.com/





As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.