× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



I'm sure that bouncing Apache helps by ending all the existing server jobs. My current theory is that there's something in state, and the remote service changes something which makes my state invalid.

"Most likely the endpoint server updated their SSL certificate, or it expired." I'm pretty much convinced this is the issue. I submit hundreds of requests a day, generally without incident. Yesterday, everything was fine until right at 9am. We caught the problem in just a few minutes, bounced Apache and everything was back to normal.

Right now, I'm working on a method to auto-recover.



-----Original Message-----
From: Bradley Stone [mailto:bvstone@xxxxxxxxx]
Sent: Tuesday, September 18, 2018 10:16 AM
To: RPG programming on the IBM i / System i <rpg400-l@xxxxxxxxxxxx>
Subject: Re: HTTPAPI & revoked SSL cert

The apache server shouldn't have anything to do with HTTPAPI.

But, you may want to check:

1. You're on V7R2 or higher and have all the latest PTFs. If you're on
V7R1 or earlier, you may be running into the issue that the cipher used on the server SSL cert isn't available on your system. Only fix is to update your OS version.

2. You don't have any expired Certificates OR CAs in DCM. If so, remove them. I've seen this cause issues even if the Cert of CA has NOTHING to do with the application being used. *shrug*

3. Make sure you have either strict SSL turned off, or you've imported the CAs used by the server cert.

4. Hopefully the server certificate isn't expired. I've seen that happen to the best of them where they forget to renew (even with Google).

When errors just start happening like this, it's best to look at what has changed. Most likely the endpoint server updated their SSL certificate, or it expired.

I'm surprised there isn't more information in the error provided other than the cert was rejected.

Bradley V. Stone
www.bvstools.com
MAILTOOL Benefit #16 <https://www.bvstools.com/mailtool.html>: No external "helper" PC system required. 100% IBM i native!



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.