An XCOM SSL transfer from Windows to Linux is failing. From the GUI interface "History Records" -> "Log Browser" shows:
2019/03/12 06:48:39 TID=000014 PRG=xcomtcp PID=6464 IP=<IP Address>.125 PORT=8045
XCOMN0780E Txpi 308: TxpiInitSSL Failed msg = <error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed> value = 4294967295:
2019/03/12 06:48:39 TID=000014
#XCOMN0298E Unable to allocate remote transaction program: Txpi 215: Socket send error return value = 10038
1. On the Linux server:
a. Stop the XCOM for Linux xcomd service/daemon and backup the directory $XCOM_HOME/ssl.
b. Delete these files/directories:
- certs and private directories in the directory $XCOM_HOME/ssl.
- all index* files in the directory $XCOM_HOME/ssl.
- all serial* files in the directory $XCOM_HOME/ssl.
- random.pem file in the directory $XCOM_HOME/ssl.
c. Run the makeca script.
This will recreate the certs and private directories and the cassl.pem (certs) and casslkey.pem (private) files.
Delete those new files.
2. Copy the root certificate files from the Windows server to the Linux server i.e. copy these files in ASCII mode:
%XCOM_HOME%\ssl\certs\cassl.pem -> $XCOM_HOME/ssl/certs/cassl.pem
%XCOM_HOME%\ssl\private\casslkey.pem -> $XCOM_HOME/ssl/private/casslkey.pem
3. Recreate the server and client certificates on the Linux server using these commands:
cd $XCOM_HOME
./makeserver
./makeclient
4. Start the XCOM for Linux xcomd service/daemon.
The file transfer problem should then be resolved.
NOTE: It is not strictly necessary to stop xcomd because it re-reads the ssl directory every time a transfer is made. However to prevent transfers from taking place during the above changes it is good idea to do so.
Related documentation: Generating TLS/SSL Certificates
Related articles:
Setting up XCOM partners to use the same root certificate
XCOM SSL scripts "failed to update database", "TXT_DB error"