CA XCOM SSL transfer fails with "XCOMN0780E Txpi 308: TxpiInitSSL Failed msg = <error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed> value = 4294967295"
book
Article ID: 129195
calendar_today
Updated On:
Products
CA XCOM Data TransportCA XCOM Data Transport - WindowsCA XCOM Data Transport - Linux PCCA XCOM Data Transport - z/OS
Issue/Introduction
A CA XCOM SSL transfer from Windows to Linux is failing. From the GUI interface "History Records" -> "Log Browser" shows:
2019/03/12 06:48:39 TID=000014 #XCOMN0298E Unable to allocate remote transaction program: Txpi 215: Socket send error return value = 10038
Cause
The root certificate had been created separately on each machine using the sample script makeca.bat/makeca. However it needs to be the same on all partner machines used for file transfers.
Environment
CA XCOM 11.6 SP2
Resolution
1. Stop the Linux XCOM scheduler
2. Using XCOM file transfer or ftp (binary mode) copy the root certificate files from the Windows machine to the Linux machine to override the existing certificate files there i.e. copy these 2 files: %XCOM_HOME%\ssl\certs\cassl.pem -> $XCOM_HOME/ssl/certs/cassl.pem %XCOM_HOME%\ssl\private\casslkey.pem -> $XCOM_HOME/ssl/private/casslkey.pem
3. Recreate the server and client certificates on the Linux machine using these commands: cd $XCOM_HOME ./makeserver ./makeclient
4. Start the Linux XCOM scheduler.
The file transfer problem should then be resolved.