Hello all, I've been recently working on a web site that will use an automated interface to the credit reporting agency Equifax. Equifax has been setting up a brand new SSL-based interface. In using OpenSSL to communicate with their system, I've run into a strange problem. Bottom line, if I send a valid request to Equifax, everything works fine. If I send an invalid request which causes an Equifax error, it hangs for 30 seconds before giving me the response. Sounds like Equifax's problem, right? That's what I thought, until I put it in trace mode, and saw that the response is being completely returned, and then OpenSSL waits, and then finally gives it up 30 seconds later. The primary difference is that an error response is much shorter than a full credit report response. So then I thought that maybe their server is not closing the TCP/IP connection or something. However, my test system is running OpenSSL 0.9.5a, but my production system is running 0.9.3a. When I try it on my production system, it works perfectly! It still may be something on their side that perhaps 0.9.3a was less sensitive to, but it's pretty strange. Equifax's server is using Netscape-Enterprise/3.6 SP3. They are using Java Servlets, if that's relevent. I'm trying to get them to give me a temporary security code so that I could work with an OpenSSL maintainer. Until then, does anyone have any ideas? Following this message is the output of the trace (with the security and URLs removed). The "INVALID STATE CODE" is an equifax error saying that it needs the state of the credit subject. Thanks for any help! Tim Behrendsen [EMAIL PROTECTED] --------------------- Opening connection to [deleted]:443 (0) next connect connected to [deleted], 443 Creating SSL context... Creating SSL connection (context was '135955760')... Setting fd (ctx 135955760, con 135962856)... Entering SSL negotiation phase... SSLeay connect returned 1 Cipher `RC4-MD5' Subject Name: /C=US/ST=Georgia/L=Atlanta/O=Equifax, Inc./CN=[deleted] Issuer Name: /C=US/O=Equifax Secure Inc/CN=Equifax Secure E-Business CA sslcat 16875: sending `POST [deleted] HTTP/1.1 Host: [deleted]:443 Authorization: Basic [deleted] Accept: */* Content-Type: application/x-www-form-urlencoded Content-Length: 442 service_name=acrotest&site_id=[deleted]&efx_request=DIAL-[deleted]%2c1%2c[de leted]%2c52-03%2c1%2cB%2c%2c%2c.IDNT++++++++++++++++++++[deleted]+I03++15079 7890BEVERLY+++++++++++++++++++++++DONALD++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++01AD++++++++++++++++++++++++++++++++++++++++ATLANTA+++++++ ++++++++++++++++++++++++++++++++EUYouCheckCredit.com%2c+Inc.+00' (655 bytes)... write_all VM at entry=4083712 partial `POST [deleted] HTTP/1.1 Host: [deleted]:443 Authorization: Basic [deleted] Accept: */* Content-Type: application/x-www-form-urlencoded Content-Length: 442 service_name=acrotest&site_id=[deleted]&efx_request=DIAL-[deleted]%2c1%2c[de leted]%2c52-03%2c1%2cB%2c%2c%2c.IDNT++++++++++++++++++++[deleted]+I03++15079 7890BEVERLY+++++++++++++++++++++++DONALD++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++01AD++++++++++++++++++++++++++++++++++++++++ATLANTA+++++++ ++++++++++++++++++++++++++++++++EUYouCheckCredit.com%2c+Inc.+00' written so far 655:655 bytes (VM=4083712) waiting for reply... got `HTTP/1.1 200 OK Server: Netscape-Enterprise/3.6 SP3 Date: Thu, 20 Jul 2000 23:39:35 GMT Content-length: 408 Connection: Keep-alive Content-type: text/plain ' (164:0 bytes, VM=4091904) got ` PLUS [deleted] I 03 SC00000000000000000000000000000000000000000000000000000000000000000000000000 00 SC00000000000000000000000000000000000000000000000000000000000000000000000000 00 SC00000000000000000000000000000000000000000000000000000101 98305 INVALID STATE CODE 99 &&' (408:164 bytes, VM=4091904) [NOTE: This is where it hangs for 30 seconds -- note that message is totally complete.] got `' (0:572 bytes, VM=4091904) Got `HTTP/1.1 200 OK Server: Netscape-Enterprise/3.6 SP3 Date: Thu, 20 Jul 2000 23:39:35 GMT Content-length: 408 Connection: Keep-alive Content-type: text/plain PLUS [deleted] I 03 SC00000000000000000000000000000000000000000000000000000000000000000000000000 00 SC00000000000000000000000000000000000000000000000000000000000000000000000000 00 SC00000000000000000000000000000000000000000000000000000101 98305 INVALID STATE CODE 99 && ' (572 bytes) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
