Hi,

I'm trying to connect a Linux system(Debian) to a Identity Manager 4.02
running on OES11SP1. I installed and configured the Core Driver as per
documentation(I hope..) the service is listening on 3451 port. I
installed the Platform services on the connected system(Debian) but when
I have to configure SSL i get the folowing error: Error in SSL connect;
check address and port
I activated a trace log on the connected system:
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_connect: starting
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_connect: host = srv11.viki.ro
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_connect: port = 3451
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_connect: appears to be a hostname
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) attempting
to dup socket
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) Got new
socket descriptor, socket=256
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_select: selecting for time_out=19999574
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_connect: select returned
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_connect: connected
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_select: selecting for time_out=19996796
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_connect: could not make SSL connect (unclean shutdown), error =
1
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) Printing SSL
error queue:
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09E086:FIPS routines:FIPS_digestfinal:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09E086:FIPS routines:FIPS_digestfinal:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09E086:FIPS routines:FIPS_digestfinal:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09F086:FIPS routines:FIPS_digestupdate:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl) SSL
error:2D09E086:FIPS routines:FIPS_digestfinal:selftest failed
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_close: starting
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_close: ending
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_valid_socket: invalid socket number=-1
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_destroy: starting
2014-08-11 08:12:24 [8290@3076421312]: (network_tcpip_ssl)
tcp_ssl_destroy: ending, errno = 11

Because I found nothing relevant about the errors I activated the
debug.log on Core Driver:

2014-08-11 08:12:38 [21687@2888537856]: (network_tcpip_ssl)
tcp_ssl_accept: starting
2014-08-11 08:12:38 [21687@2888537856]: (network_tcpip_ssl) attempting
to dup socket
2014-08-11 08:12:38 [21687@2888537856]: (network_tcpip_ssl) Got new
socket descriptor, socket=1027
2014-08-11 08:12:38 [21687@2888537856]: (network_tcpip_ssl)
network_connection_tcpip_ssl_create: starting
2014-08-11 08:12:38 [21687@2888537856]: (network_tcpip_ssl)
network_connection_tcpip_ssl_create: ending
2014-08-11 08:12:38 [21687@2888537856]: (network_tcpip_ssl)
tcp_ssl_accept: ending
2014-08-11 08:12:38 [21687@2888537856]: (listener)
listener_accept_connections: true
2014-08-11 08:12:38 [21687@2888537856]: (listener)
listener_work_task_execute: starting
2014-08-11 08:12:38 [21687@2888537856]: (os_pthread) os_start_task:
name=SSL HTTP Worker Thread
2014-08-11 08:12:38 [21687@2888537856]: (pthread) pthread_start_task:
name=SSL HTTP Worker Thread
2014-08-11 08:12:38 [21687@2888537856]: (pthread) pthread_start_task:
new task id=-1406970112
2014-08-11 08:12:38 [21687@2888537856]: (listener)
listener_work_task_execute: giving task to 18446744072302581504
2014-08-11 08:12:38 [21687@2888537856]: (listener) listener_poll_tasks:
task 18446744072302581504 (ac235700) is active
2014-08-11 08:12:38 [21687@2888537856]: (network_tcpip_ssl)
tcp_ssl_select: selecting for time_out=60000000
2014-08-11 08:12:38 [21687@2887997184]: (http_server_task)
http_server_execute: running SSL HTTP Worker Thread (22)
2014-08-11 08:12:38 [21687@2887997184]: (http_server_task)
http_server_execute: starting
2014-08-11 08:12:38 [21687@2887997184]: (listener_subtask)
listener_subtask_init: starting
2014-08-11 08:12:38 [21687@2887997184]: (listener_subtask)
listener_subtask_init: after os_take_connection_from_task
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_select: selecting for time_out=20000000
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_accept_final: could not make SSL accept (clean shutdown), error
= 5
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_accept_final: SSL syscall error, errno = 0
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl) Printing
SSL error queue:
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_get_peer_info: starting
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_get_peer_info: could not get peer name, errno=107
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_get_peer_info: ending
.....
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl) Printing
SSL error queue:
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl) SSL
error:140940E5:SSL routines:SSL3_READ_BYTES:ssl handshake failure
2014-08-11 08:12:38 [21687@2887997184]: (http_common) http_read_line:
http_read failed
2014-08-11 08:12:38 [21687@2887997184]: (http_server)
http_read_request_line: read error, len=-1 (0)
2014-08-11 08:12:38 [21687@2887997184]: (http_server) http_get_request:
http_read_request_line failed
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_close: starting
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_close: ending
2014-08-11 08:12:38 [21687@2887997184]: (http_server_task)
http_server_execute: get request failed
2014-08-11 08:12:38 [21687@2887997184]: (http_common) http_terminate:
starting
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_close: starting
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_close: could not close, errno=9
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_destroy: starting
2014-08-11 08:12:38 [21687@2887997184]: (network_tcpip_ssl)
tcp_ssl_destroy: ending, errno = 9

The error I see is "could not get peer name, errno=107" but when I do
nslookup on both Core Driver and Platform service the names of the
systems are resolvables.

I tried openssl s_client command and it connects on the same port:
openssl s_client -connect srv11.viki.ro:3451

Can someone help me please to figure out what is wrong ?

Thanks,
Viki


--
vdusnoki
------------------------------------------------------------------------
vdusnoki's Profile: https://forums.netiq.com/member.php?userid=5728
View this thread: https://forums.netiq.com/showthread.php?t=51495