Under Solaris I would expect the socssl to be ignored.
Have you set/created the keystore ?
Is the SSL INFORMIXSERVER in DBSERVERNAME or DBSERVERALIASES
Cheers
Paul
Original Message:
Sent: 6/24/2021 2:17:00 AM
From: Vijayanand Dhandapani
Subject: RE: SSL Listener not getting started in Solaris 10 and Informix 11.5 Combination.
Hi Paul,
Thanks for your response. I have tried below two combinations
1) sqlhosts - <unique_alias_for_ssl> onsocssl <hostname> <portno>
NETTYPE socssl,3,150,NET
Informix comes up fine without any error but no ssl listener getting forked.
2) sqlhosts - <unique_alias_for_ssl> ontlissl <hostname> <portno>
NETTYPE tlissl,3,150,NET
Informix doesn't even comeup (more information in my first post)
-------------
I have also tried replacing hostname with IPaddress.
Please let me know if there is any other protocol for ssl that would work on solaris 10 and Informix 11.5 combination.
------------------------------
Vijayanand Dhandapani
------------------------------
Original Message:
Sent: Wed June 23, 2021 01:50 PM
From: Paul Watson
Subject: SSL Listener not getting started in Solaris 10 and Informix 11.5 Combination.
You can't start an SSL from command line AFAIK, it is/was in the code so the onmode –P will fail
I wouldn't expect soc to work, if you mismatch the protocol then the engine will start one tlitcp listener - at least that is what I have seen under Solaris
What is your SQLHOSTS and nettype?
Cheers
Paul
Original Message:
Sent: 6/22/2021 10:38:00 PM
From: Vijayanand Dhandapani
Subject: SSL Listener not getting started in Solaris 10 and Informix 11.5 Combination.
Hi All, Back to informix world after about 2.5 years
IMPORTANT NOTE - I understand the version is outdated and there will be suggestions to upgrade Informix version. FYI, I just joined this new company two weeks back and don't have any say on the versions at this point although I have already advised them that moving to version 14 is the future direction.
Problem Description: New SSL Setup
OS version - SunOS <hostname> 5.10 Generic_153153-01 sun4v sparc sun4v
Informix Version - IBM Informix Dynamic Server Version 11.50.FC9W3XI
--------------- Noticing issue with SSL Protocol specifications on Solaris ---------
If protocol is specified as socssl (both onconfig and sqlhosts are modified to match)
Informix comes up but could NOT see the ssl listener getting forked during startup according to the configuration
Initializing DR structures...succeeded
Forking 2 'ipcshm' listener threads...succeeded
Forking 1 'tlitcp' listener threads...succeeded <--- SSL listener not getting forked during startup itself ---->
Starting tracing...succeeded
Trying to start through onmode gives error.
onmode -P start <DBSERVERALIASNAME for ssl>
Could not start listen thread for server <DBSERVERALIASNAME for ssl>
Inside message log
15:56:26 Starting listen thread for sqlhosts server <DBSERVERALIASNAME for ssl>
15:56:26 Unknown or unsupported type of network protocol for the specified server.
-----------------------------
Considering that OS is solaris, If protocol is specified as "tlissl", the engine is not even coming up.
(Both onconfig and sqlhosts modified properly)
Initialization of Encryption...succeeded
The specified service name or protocol is unknown. Error -25507.
Initializing ASF...FAILED
===========================================================
Any clue on what would be the correct SSL protocol to specify (apart from "onsocssl" and "ontlissl" ).
Additional Info:The same implementation of "onsocssl" protocol is working in AIX and Informix 12.1 Combination.
------------------------------
Thanks & Regards,
Vijayanand Dhandapani
------------------------------
#Informix