Secure Socket Layer (SSL) failure. error code 17424: SSL ro

Posted by heino on 04-Oct-2019 11:45

I am trying to use OpenEdge.Net.pl for making a REST call over https and I an have a issue:

Secure Socket Layer (SSL) failure. error code 17424:  SSL routines (9318)

I have added the needed certifactes  to the $DLC/certs folder, but I still have  the same issue.

If I try to connect to this site over sslc with command 

sslc s_client -connect dolphin.pay-nxt.com:443  -CApath $DLC/certs

I have an error 40. If i changed sslc command  to 

sslc s_client -connect dolphin.pay-nxt.com:443 -servername dolphin.pay-nxt.com -CApath $DLC/certs

then my connection is successful. 

It turns out, that this kind of issue is related to the certifcates that are issued to multiple sites.  Like dolphin.pay-nxt.com, whale.pay-nxt.com ...

How can I add servername option to the connect method? 

 

Posted by Ruben Dröge on 04-Oct-2019 11:51

Hi Heino, I think you're looking for this: https://knowledgebase.progress.com/articles/Article/SSL-routines-error-with-HTTP-Client-and-SNI-enabled-site

oLib        = ClientLibraryBuilder:Build()
              :sslVerifyHost(NO)
              :ServerNameIndicator('some.servername.com')
              :library. 

All Replies

Posted by Ruben Dröge on 04-Oct-2019 11:51

Hi Heino, I think you're looking for this: https://knowledgebase.progress.com/articles/Article/SSL-routines-error-with-HTTP-Client-and-SNI-enabled-site

oLib        = ClientLibraryBuilder:Build()
              :sslVerifyHost(NO)
              :ServerNameIndicator('some.servername.com')
              :library. 

Posted by heino on 08-Oct-2019 07:40

Thank You. After installing service pack 11.7.5 everything started to work!

This thread is closed