Application server as self-client has encryption, Application server as receiver does not
When the application server configured as self-client has encryption configured but the application server configured as the receiver does not, an error condition will occur.
The Application server STDOUT will display the following text (this is an
example):
[2019-02-11 07:35:28.743 _unp.utils ] - Callservice: Service call failed.
{ Error: connect ECONNRESET 192.168.55.23:48953
at Object.exports._errnoException (util.js:1020:11)
at exports._exceptionWithHostPort (util.js:1043:20)
at TCPConnectWrap.afterConnect [as oncomplete] (net.js:1099:14)
code: 'ECONNRESET',
errno: 'ECONNRESET',
syscall: 'connect',
address: '192.168.55.23',
port: 48953 }
The Application server log will record the error, if tracing is enabled. The following is an
example
entry:
(KS3_APPSRV_AS_SELF_CLIENT +; KS3_APPSRV_AS_SRV -;)
EZD1286I TTLS Error GRPID: 0000001C ENVID: 0000000C CONNID: 000B8B42 LOCAL: 192.168.55.23..8407
REMOTE: 192.168.55.23..48953 JOBNAME: S3APP12R USERID: S3STC RULE: KS3_APPSRV_AS_SELF_CLIENT
RC: 406 Initial Handshake 0000000000000000 000000552EB21A10 0000000000000000 00000000
RC = 406
This means that an I/O error occurred on the socket. An I/O error occurs if the TCP socket is closed underneath the SSL protocol, such as when a reset is received.
User response
Check the following items:
- Ensure that the remote partner is enabled for secure connections.
- Determine whether the secure negotiation completed. Use the AT-TLS Data trace level to determine whether the secure negotiation completed.
- Verify that the TCP data is sent by the remote partner. Use a TCP/IP packet trace to verify that the TCP data is sent by the remote partner.