search cancel

XCOMU0780E TxpiSSLConfig Missing or invalid configssl.cnf


Article ID: 256675


Updated On:


XCOM Data Transport XCOM Data Transport - Linux PC XCOM Data Transport - Windows XCOM Data Transport - z/OS


We are testing SSL enabled transfers to our AIX server, we have installed the relevant certificate's and updated the configssl.cnf file with the relevant certificate paths and password.

A SSL loop back test gives us the following error :
2022/12/22 10:20:11 TID=555769 PRG=xcomtcp PID=12976186 IP= PORT=8045

    XCOMU0780E Txpi  307: TxpiSSLConfig Failed msg = <ConfigSSL: Missing or invalid </opt/CA/XCOM/config/configssl.cnf> file.> value = 0:

2022/12/22 10:20:11 TID=555769

    #XCOMU0298E Unable to allocate remote transaction program: XCOMU0780E Txpi  307: TxpiSSLConfig Failed msg = <ConfigSSL: Missing or invalid </

opt/CA/XCOM/config/configssl.cnf> file.> value = 0:

XCOM trace file shows the error occurs on line 175 of file configssl.cnf:
E - catoossl.c(5817): Txpi  307: TxpiSSLConfig Failed msg = <ConfigSSL: Missing or invalid </opt/CA/XCOM/config/configssl.cnf> file.> value = 0
E - catoossl.c(5818): Error 307
E - txpierr.c(179): Not setting dwReturnCode; old value: 307
E - catoossl.c(5818): Txpi  307: TxpiSSLConfig Failed msg = <error:0E065068:configuration file routines:STR_COPY:variable has no value +++ line 175> value = 0

Lines 175 and 176 of the configssl.cnf file are for the PASSWORD values which contain "$":
RECEIVE_SIDE  = SAmp123XX$#ss45

The password is definitely correct for the certificate.

NOTE: Please be aware that the above password value is just a sample for the purpose of this article.


Release : 11.6


The XCOM trace file indicates it is the initial parsing of the configssl.cnf file that is failing i.e. it is not getting as far as checking the password value validity against the certificate.
Support ran tests in house and found that the file parsing is failing because the PASSWORD value contains a "$" i.e. after removing the "$" the file parsed successfully.
XCOM Engineering advised that it is an openssl library that XCOM is using which is parsing the file contents and the "$" in the value appears to be a special character that needs to be escaped or quoted:

Support found that all these options were successful in parsing the file:

1. Escape the $ with a \ :
INITIATE_SIDE = SAmp123XX\$#ss45
RECEIVE_SIDE  = SAmp123XX\$#ss45

2. Double quote the $ :
INITIATE_SIDE = SAmp123XX"$"#ss45
RECEIVE_SIDE  = SAmp123XX"$"#ss45

3. Double quote the whole string :
INITIATE_SIDE = "SAmp123XX$#ss45"
RECEIVE_SIDE  = "SAmp123XX$#ss45"

4. Single quote the $ :
INITIATE_SIDE = SAmp123XX'$'#ss45
RECEIVE_SIDE  = SAmp123XX'$'#ss45

5. Single quote the whole string :
INITIATE_SIDE = 'SAmp123XX$#ss45'
RECEIVE_SIDE  = 'SAmp123XX$#ss45'

Options #3 or #5 maybe the easiest to use and least prone to error.
It was confirmed that using option #3 did resolve both the file parsing problem and gave a successful certificate validation.