We are testing SSL-enabled transfers to our AIX server. We have installed the relevant certificates and updated the configssl.cnf file with the relevant certificate paths and password.
An SSL loopback test gives us the following error:
TID=555769 PRG=xcomtcp PID=12976186 IP=127.0.0.1 PORT=8045
XCOMU0780E Txpi 307: TxpiSSLConfig Failed msg = <ConfigSSL: Missing or invalid </opt/CA/XCOM/config/configssl.cnf> file.> value = 0:
#XCOMU0298E Unable to allocate remote transaction program: XCOMU0780E Txpi 307: TxpiSSLConfig Failed msg = <ConfigSSL: Missing or invalid </opt/CA/XCOM/config/configssl.cnf> file.> value = 0:
An XCOM trace file shows the error occurs on line 175 of file configssl.cnf:
E - catoossl.c(5817): Txpi 307: TxpiSSLConfig Failed msg = <ConfigSSL: Missing or invalid </opt/CA/XCOM/config/configssl.cnf> file.> value = 0
E - catoossl.c(5818): Error 307
E - txpierr.c(179): Not setting dwReturnCode; old value: 307
E - catoossl.c(5818): Txpi 307: TxpiSSLConfig Failed msg = <error:0E065068:configuration file routines:STR_COPY:variable has no value +++ line 175> value = 0
Lines 175 and 176 of the configssl.cnf file are for the PASSWORD values which contain "$":
INITIATE_SIDE = #########$#####
RECEIVE_SIDE = #########$#####
The password is definitely correct for the certificate.
NOTE: Please be aware that the above password value is just a sample for the purpose of this article.
The XCOM trace file indicates that the initial parsing of the configssl.cnf file is failing, i.e. processing never gets as far as checking the password value against the certificate.
The parsing fails because the PASSWORD value contains a "$": after removing the "$", the file parsed successfully.
XCOM uses an OpenSSL library to parse the file contents. In that file format "$" is a special character that introduces a variable reference, which is why the trace reports "variable has no value", so a literal "$" in a value needs to be escaped or quoted: see "config" in the OpenSSL Documentation.
All of the following options allowed the file to parse successfully:
1. Escape the $ with a \ :
INITIATE_SIDE = ########\$#####
RECEIVE_SIDE = #########\$#####
2. Double quote the $ :
INITIATE_SIDE = #########"$"#####
RECEIVE_SIDE = ########"$"#####
3. Double quote the whole string :
INITIATE_SIDE = "#########$#####"
RECEIVE_SIDE = "########$#####"
4. Single quote the $ :
INITIATE_SIDE = #########'$'#####
RECEIVE_SIDE = #########'$'#####
5. Single quote the whole string :
INITIATE_SIDE = '#########$#####'
RECEIVE_SIDE = '#########$#####'
Options #3 or #5 may be the easiest to use and least prone to error.
It was confirmed that using option #3 resolved the file parsing problem and also gave a successful certificate validation.
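A pre-flight check for this problem, as an added example that is not part of the original article or of XCOM or OpenSSL: it flags assignments whose value contains a "$" that is neither backslash-escaped nor inside single or double quotes, using a simplified model of the five options listed above. The section name, the OTHER_A and OTHER_B keys and all values in the sample are constructed; only the key name is reported, so password values never reach a log.

```python
"""Pre-flight check for unprotected "$" in OpenSSL-style config values."""

def has_unprotected_dollar(value: str) -> bool:
    """True if value has a "$" that is neither backslash-escaped nor quoted."""
    quote = None              # currently open quote character, if any
    i = 0
    while i < len(value):
        ch = value[i]
        if ch == "\\":        # backslash protects the next character
            i += 2
            continue
        if quote:
            if ch == quote:   # closing quote
                quote = None
        elif ch in "\"'":     # opening single or double quote
            quote = ch
        elif ch == "$":
            return True       # would be read as a variable reference
        i += 1
    return False

def find_risky_lines(text: str) -> list[tuple[int, str]]:
    """Return (line number, key) for each assignment with an unprotected "$".

    Only the key is reported, never the value, so passwords stay out of logs.
    """
    hits = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        stripped = line.strip()
        if not stripped or stripped.startswith(("#", "[")) or "=" not in stripped:
            continue          # blank, comment, section header, or not an assignment
        key, _, value = stripped.partition("=")
        if has_unprotected_dollar(value.strip()):
            hits.append((lineno, key.strip()))
    return hits

# Constructed sample, not a real configssl.cnf; section name and values are made up.
SAMPLE = """\
[SAMPLE]
INITIATE_SIDE = abc$def
RECEIVE_SIDE = "abc$def"
OTHER_A = abc\\$def
OTHER_B = abc'$'def
"""

if __name__ == "__main__":
    for lineno, key in find_risky_lines(SAMPLE):
        print(f"line {lineno}: {key} contains an unprotected $")
```

To check a real file, pass its contents to find_risky_lines() and run the check under an account that is already permitted to read the file.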