ERROR: "XCOMU0780E SSL3_GET_RECORD:wrong version number" with XCOM SSL loopback
search cancel

ERROR: "XCOMU0780E SSL3_GET_RECORD:wrong version number" with XCOM SSL loopback

book

Article ID: 247353

calendar_today

Updated On:

Products

XCOM Data Transport - Linux PC

Issue/Introduction

Attempting to configure SSL for "CA XCOM Data Transport r11.6 14080 SP00 64bit" on AIX and encountering the following error in the xcom.log from a loopback test.
The configssl.cnf file has SSL_METHOD parameters set to v3, as only SSL v3 and TLS v1.0 are supported by the above XCOM version.

XCOMU0780E Txpi  308: TxpiInitSSL Failed msg = <error:1408F10B:SSL routines:SSL3_GET_RECORD:wrong version number> value = 4294967295:

Additional messages:

#XCOMU0297E Error requesting header confirmation: Txpi  227: Socket received 0 bytes: partner closed socket. Last error: 0

OR:

#XCOMU0298E Unable to allocate remote transaction program: Txpi  215: Socket send error return value = 9

Environment

XCOM™ Data Transport® for AIX 
XCOM™ Data Transport® for UNIX/Linux PC

Resolution

The SSL_METHOD parameter setting is actually unrelated to the root cause of the problem..
The loopback test configuration file contained the parameter "PORT=8045" to connect to the correct SSL port but did not contain parameter "SECURE_SOCKET=YES".
The parameter SECURE_SOCKET defaults to NO and is required to be set to YES when executing a transfer which uses an SSL port/socket.
Using "PORT=8045" with "SECURE_SOCKET=YES" resolved the problem.

Additional Information

NOTES:
1. The same "SSL3_GET_RECORD:wrong version number" error will also be encountered when inadvertently using the incorrect combination of unsecure port "PORT=8044" with "SECURE_SOCKET=YES".

2. If using current version r11.6 SP01 with "SECURE_SOCKET=YES" not set the error will be different when using SSL_METHOD parameter value of all. See related KB article: XCOM loopback "SSL23_GET_CLIENT_HELLO:unknown protocol"

XCOM for Unix r11.6 14080 SP00 64bit is a relatively old release and 14080 is only 3 patch levels higher than SP00 GA. Also SP00 has been superseded by SP01.
Therefore support would strongly advise considering an upgrade to r11.6 SP01 and also installing its latest patch to be at the latest maintenance level. SP01 will also provide TLS v1.2 support.
More details here:
XCOM Data Transport for UNIX/Linux 11.6.1 > Installing > Install Using ISO Conventional Method > Upgrade Using ISO Conventional Method
XCOM Data Transport for UNIX/Linux 11.6.1 > Release Notes > Enhanced Features > Service Pack 11.6.01

Powered by Wolken Software