Bruce, on the 19th of February this year Charles Warwick posted the following answer to a post (subject: SSL Error - question from Stack Overflow) which described a similar problem.
>>> This seems to be an issue which has come up a few times over the years with the curl library. It appears to be specific to when curl is compiled on OS X to use the Mac SSL library, rather than OpenSSL. I am guessing you are trying this on a Mac? I have tested a build of tsNet under OS X that uses OpenSSL instead, and the issue goes away. Unfortunately, building tsNet to use OpenSSL on Mac would mean that it no longer uses the OS X certificate store for verifying SSL certificates. Regards, Charles <<< So maybe Charles can help, maybe with a custom build of tsNET. Regards, Matthias > Am 21.05.2021 um 00:44 schrieb Bruce Pokras via use-livecode > <use-livecode@lists.runrev.com>: > > Hello all, > > Getting a tsNet error, both from the IDE and a standalone. I have a patent > searching and downloading app that had some link rot issues. Finally fixed > everything. Seemed to be working fine for USPTO, European Patent Office and > World Intellectual Property Office. I put off launching this new version > (Patent Grabber 6.5) for a few weeks. I don’t understand what has happened in > the meantime, but the US patent searching keeps returning a tsNet error in > the “result": > > tsneterr: (56) SSLRead() return error -9806 > > The URL was: > > > https://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2Fsearch-adv.htm&r=0&p=1&f=S&l=50&Query=(pokras)&d=pall > > which works fine when pasted in Safari or Chrome on my MacBook Pro Retina > running High Sierra 10.13.6. > > I recently learned of the tsNet debugger that someone (Charles Warwick?) had > so thoughtfully created, and tried it. Below are two runs that I made, and > since I can’t make heads nor tails of them, I hope that someone on the list > can understand what is going on (I also tried tsNetVerifySSLPeer, both true > and false, but got the same tsNet error). Any help would be greatly > appreciated. Thanks! > > Bruce Pokras > > #1: run with libURLsetSSLverification false > > Connection #7 to host patft.uspto.gov left intact > Issue another request to this URL: > 'https://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2Fsearch-adv.htm&r=0&p=1&f=S&l=50&Query=(pokras)&d=pall' > Trying 2610:20:5004:1604::82:443... > Connected to patft.uspto.gov (2610:20:5004:1604::82) port 443 (#8) > WARNING: disabling hostname validation also disables SNI. > SSL re-using session ID > TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 > Server certificate: patft.uspto.gov > Server certificate: Entrust Certification Authority - L1K > Server certificate: Entrust Root Certification Authority - G2 > GET > /netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2Fsearch-adv.htm&r=0&p=1&f=S&l=50&Query=(pokras)&d=pall > HTTP/1.0 > Host: patft.uspto.gov > Accept: */* > User-Agent: LiveCode (MacOS) > > 1621533850 > Mark bundle as not supporting multiuse > HTTP 1.0, assume close after body > HTTP/1.0 200 Script results follow > Server: NetAnswer Server 1.0 > Content-Type: text/html > > SSLRead() return error -9806 > Closing connection 8 > > #2: run with libURLsetSSLverification true > > 1621534995 > 1621534996 > _proxyForURL_proxyForURL end with none foundProxy for URL: > Found bundle for host patft.uspto.gov: 0x7fa9a210bac0 [serially] > Re-using existing connection! (#11) with host patft.uspto.gov > Connected to patft.uspto.gov (2610:20:5004:1604::82) port 80 (#11) > GET > /netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2Fsearch-adv.htm&r=0&p=1&f=S&l=50&Query=(pokras)&d=pall > HTTP/1.0 > Host: patft.uspto.gov > Accept: */* > User-Agent: LiveCode (MacOS) > > Mark bundle as not supporting multiuse > HTTP 1.0, assume close after body > HTTP/1.0 302 Found > Location: > https://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2Fsearch-adv.htm&r=0&p=1&f=S&l=50&Query=(pokras)&d=pall > Server: BigIP > Connection: close > Content-Length: 0 > > Closing connection 11 > Issue another request to this URL: > 'https://patft.uspto.gov/netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2Fsearch-adv.htm&r=0&p=1&f=S&l=50&Query=(pokras)&d=pall' > Hostname patft.uspto.gov was found in DNS cache > Trying 2610:20:5004:1604::82:443... > Connected to patft.uspto.gov (2610:20:5004:1604::82) port 443 (#13) > SSL re-using session ID > TLS 1.2 connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 > Server certificate: patft.uspto.gov > Server certificate: Entrust Certification Authority - L1K > Server certificate: Entrust Root Certification Authority - G2 > GET > /netacgi/nph-Parser?Sect1=PTO2&Sect2=HITOFF&u=%2Fnetahtml%2Fsearch-adv.htm&r=0&p=1&f=S&l=50&Query=(pokras)&d=pall > HTTP/1.0 > Host: patft.uspto.gov > Accept: */* > User-Agent: LiveCode (MacOS) > > 1621534997 > Mark bundle as not supporting multiuse > HTTP 1.0, assume close after body > HTTP/1.0 200 Script results follow > Server: NetAnswer Server 1.0 > Content-Type: text/html > > SSLRead() return error -9806 > Closing connection 13 > 1621534998 > 1621534999 > _______________________________________________ > use-livecode mailing list > use-livecode@lists.runrev.com > Please visit this url to subscribe, unsubscribe and manage your subscription > preferences: > http://lists.runrev.com/mailman/listinfo/use-livecode _______________________________________________ use-livecode mailing list use-livecode@lists.runrev.com Please visit this url to subscribe, unsubscribe and manage your subscription preferences: http://lists.runrev.com/mailman/listinfo/use-livecode
