Re: ssl_error(406)

Ya, when I wrote GETURI many many years ago I needed to decide what to use
for a default for some values. Because I had written my eRPG book I chose
that as the default user agent, which of course can be overridden or even
the default changed with CHGCMDDFT. :)

I have no idea why GETURI works and HTTPAPI is having this issue as I am
pretty sure we use the same GSK APIs for SSL communications. I'm happy to
help in any way to figure out why, though.

Brad
www.bvstools.com

On Mon, Apr 5, 2021 at 12:27 PM Greg Wilburn <
gwilburn@xxxxxxxxxxxxxxxxxxxxxxx> wrote:

Thanks Brad. I was able to get GETURI to make the connection
successfully. However, HTTPAPI still disconnects with the same SSL error.

From what I can see, the HTTP headers appear to be identical except for
the "order" and User-Agent.

HTTPAPI Debug
GET /v1/orders HTTP/1.1
Host: api.meetribbon.com
User-Agent: http-api/1.43
Accept: application/json
Content-Type: application/json
Authorization: NSDB2I5C8FK83BS783KB
secretToken: <token removed>
vendorID: 5f8a007f71696800d98427b1
agencyID: 5f077af27d6be71f487bdd34

recvresp(): entered
(GSKit) I/O: A connection with a remote socket was reset by that socket.
ssl_error(406): (GSKit) I/O: A connection with a remote socket was reset
by that socket.
SetError() #44: CommSSL_read: read:(GSKit) I/O: A connection with a
remote socket was reset by
recvresp(): end with err
http_close(): entered

-----------------------------

GETURI debug
GET /v1/orders HTTP/1.1
Accept: application/json
User-Agent: e-RPG
Host: api.meetribbon.com
Content-Type: application/json
Authorization: NSDB2I5C8FK83BS783KB
secretToken: <token removed>
vendorID: 5f8a007f71696800d98427b1
agencyID: 5f077af27d6be71f487bdd34

HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 512984
Connection: keep-alive
Date: Mon, 05 Apr 2021 15:23:54 GMT

-----Original Message-----
From: RPG400-L [mailto:rpg400-l-bounces@xxxxxxxxxxxxxxxxxx] On Behalf Of
Brad Stone
Sent: Thursday, April 01, 2021 5:13 PM
To: RPG programming on IBM i <rpg400-l@xxxxxxxxxxxxxxxxxx>
Subject: Re: ssl_error(406)

First thing I would do is make sure you have the proper accept header... I
don't see one in your request. */* usually works. But application/json is
probably what they're looking for. I have seen many web APIs puke because
the proper accept header wasn't there.

If that's not it, this reminds me of an issue a couple others of us were
having back in the day that dealt with caching ssl info or something like
that? It's been a while so I don't recall, but I did have one customer who
worked with IBM when something like this started happening after
applying PTFs.

I'd contact IBM and do some tracing. I don't think it has anything to do
with HTTPAPI... more likely either the remote system doesn't like what's
happening on the IBM i side of things.

I think there is also lower level debugging.. i didn't see anything about
handshakes in the debug provided.

Brad
www.bvstools.com




On Thu, Apr 1, 2021 at 3:50 PM Greg Wilburn <
gwilburn@xxxxxxxxxxxxxxxxxxxxxxx> wrote:

Still haven't found it... literally driving me crazy.

This is from Postman... they do have more things in the header, but
nothing I can see that would cause the disconnect. (Auth and Token

removed)

GET /v1/orders HTTP/1.1
Authorization: xxxxxxx
secretToken: xxxxxx
vendorID: 5f8a007f71696800d98427b1
agencyID: 5f077af27d6be71f487bdd34
User-Agent: PostmanRuntime/7.26.8
Accept: */*
Cache-Control: no-cache
Postman-Token: 791bd877-1b46-47b4-9151-17abaa3435ec
Host: api.meetribbon.com
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 492155
Connection: keep-alive
Date: Thu, 01 Apr 2021 20:42:27 GMT
x-amzn-RequestId: 20d6fddc-de62-4a89-a6c2-48e5edb3285f
Access-Control-Allow-Origin: *
x-amz-apigw-id: dHx4BHEXIAMFbaQ=
X-Amzn-Trace-Id: Root=1-60663033-689445b2217af86e4e83d55a;Sampled=0
X-Cache: Miss from cloudfront
Via: 1.1 502d715ad2f775c7dae1f1c4bfbfc169.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: EWR52-C4
X-Amz-Cf-Id: kAPNoCT4qtti3i07pkeXZFeIXJuuxNccGLIwGa5e3A1Dt93U9znpYg==

...more

This is from the HTTPAPI Debug

SetError() #49: SSL_protocol: Unknown protocol 5000
Protocol Used:
http_persist_req(GET) entered.
http_long_ParseURL(): entered
http_long_ParseURL(): entered
do_oper(GET): entered
There are 0 cookies in the cache
GET /v1/orders HTTP/1.1
Host: api.meetribbon.com
User-Agent: http-api/1.43
Authorization: xxxxxxx
secretToken: xxxxxxxx
vendorID: 5f8a007f71696800d98427b1
agencyID: 5f077af27d6be71f487bdd34

recvresp(): entered
(GSKit) I/O: A connection with a remote socket was reset by that socket.
ssl_error(406): (GSKit) I/O: A connection with a remote socket was reset
by that socket.
SetError() #44: CommSSL_read: read:(GSKit) I/O: A connection with a
remote socket was reset by
recvresp(): end with err
http_close(): entered

--
This is the RPG programming on IBM i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com
--
This is the RPG programming on IBM i (RPG400-L) mailing list
To post a message email: RPG400-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/rpg400-l
or email: RPG400-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/rpg400-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.

Help support midrange.com by shopping at amazon.com with our affiliate
link: https://amazon.midrange.com