C
carlovervoort
Guest
Hello, I'm facing a similar issue connecting to an external SOAP API. this was working fine until several days ago. Unfortunately we are not finding the issue. We are running 11.7.5 on Linux. When connecting to the endpoint (CONNECT in ABL), i'm getting this error: 11:16:22 Secure Socket Layer (SSL) failure. error code 336151568: SSL routines (9318) 11:16:22 Connection failure for host ws.newyse.com port 443 transport HTTPS. (9407) 11:16:22 Error loading WSDL document Fatal Error: connect operation failed (Success) (11748) So for some reason the SSL handshake is not working. Using this command the SSL connection seems fine: $proenv> sslc s_client -connect url.to.api:443 -CApath $DLC/certs No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 5386 bytes and written 410 bytes Verification: OK Without explicitly setting the -CApath to $DLC/certs i'm getting an error: $proenv> sslc s_client -connect url.to.api:443 No client certificate CA names sent Peer signing digest: SHA256 Peer signature type: RSA-PSS Server Temp Key: X25519, 253 bits --- SSL handshake has read 5386 bytes and written 410 bytes Verification error: self signed certificate in certificate chain Has anyone have some idea on how to debug this issue? also set the logging to "5" and got this: [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x00000000 BIO-0x00000000 INFO --- Initialized OpenSSL client logging [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x00000000 BIO-0x00000000 INFO --- Enabling SSL Client session reuse [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x00000000 BIO-0x00000000 INFO --- Set SSL Client CipherSuites: AES256-GCM-SHA384 [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x00000000 BIO-0x00000000 INFO --- Set SSL Client Protocols: TLSv1.2 [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x0317c420 BIO-0x00000000 INFO --- SSL Client starting handshake with host (url.to.api) [Thu Aug 29 11:16:22 2019] INTERNAL STATE OPERATION --- SSL State: 16 before SSL initialization [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x0317c420 BIO-0x03070b50 BIO --- ctrl to 03070B50 [03070ED0] (6 bytes => 0 (0x0)) [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x0317c420 BIO-0x03070b50 BIO --- contents of a BIO dump: [Thu Aug 29 11:16:22 2019] INTERNAL STATE OPERATION --- SSL_connect:before SSL initialization >>> ??? [length 0005] 16 03 01 00 89 >>> ??? [length 0089] 01 00 00 85 03 03 9d 95 32 2b b6 cf 7f 05 8a 1b c6 59 dd 18 7d b8 95 36 63 ee 2b fc 0c 79 da 48 0b 23 38 61 d0 6e 00 00 04 00 9d 00 ff 01 00 00 58 00 0b 00 04 03 00 01 02 00 0a 00 0c 00 0a 00 1d 00 17 00 1e 00 19 00 18 00 23 00 00 00 16 00 00 00 17 00 00 00 0d 00 30 00 2e 04 03 05 03 06 03 08 07 08 08 08 09 08 0a 08 0b 08 04 08 05 08 06 04 01 05 01 06 01 03 03 02 03 03 01 02 01 03 02 02 02 04 02 05 02 06 02 [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x0317c420 BIO-0x03070b50 BIO --- write to 03070B50 [0318D3B0] (142 bytes => 142 (0x8E)) [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x0317c420 BIO-0x03070b50 BIO --- contents of a BIO dump: 0000 - 16 03 01 00 89 01 00 00-85 03 03 9d 95 32 2b b6 .............2+. 0010 - cf 7f 05 8a 1b c6 59 dd-18 7d b8 95 36 63 ee 2b ......Y..}..6c.+ 0020 - fc 0c 79 da 48 0b 23 38-61 d0 6e 00 00 04 00 9d ..y.H.#8a.n..... 0030 - 00 ff 01 00 00 58 00 0b-00 04 03 00 01 02 00 0a .....X.......... 0040 - 00 0c 00 0a 00 1d 00 17-00 1e 00 19 00 18 00 23 ...............# 0050 - 00 00 00 16 00 00 00 17-00 00 00 0d 00 30 00 2e .............0.. 0060 - 04 03 05 03 06 03 08 07-08 08 08 09 08 0a 08 0b ................ 0070 - 08 04 08 05 08 06 04 01-05 01 06 01 03 03 02 03 ................ 0080 - 03 01 02 01 03 02 02 02-04 02 05 02 06 02 .............. [Thu Aug 29 11:16:22 2019] INTERNAL STATE OPERATION --- SSL_connect:/TLS write client hello [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x0317c420 BIO-0x03070b50 BIO --- read to 03070B50 [031841F3] (5 bytes => 5 (0x5)) [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x0317c420 BIO-0x03070b50 BIO --- contents of a BIO dump: 0000 - 15 03 03 00 02 ..... 2 (0x2)) [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x0317c420 BIO-0x03070b50 BIO --- contents of a BIO dump: 0000 - 02 28 .( 0 (0x0)) [Thu Aug 29 11:16:22 2019] ID-0x03179610 CTX-0x0317c420 BIO-0x03070b50 BIO --- contents of a BIO dump Hopefully anybody has an idea on how to solve this.
Continue reading...
Continue reading...
