DCM-tools icon indicating copy to clipboard operation
DCM-tools copied to clipboard

Published 20 hours ago verified publisher icon ThePrez

dcmrenew returns 'null' response and fails to renew the certificate

Open richardm90 opened this issue 1 year ago • 0 comments

I've made a couple of fixes to the certificate renewer but this unfortunately isn't the whole story.

Even after these fixes I'm still getting some problems with the dcmrenew command but could do with some help from a Java programmer (I'm not one) who also understands the com.ibm.as400.access.ServiceProgramCall class.

When I try running dcmrenew using the new code I get the following error.

AS400Message (ID: CPF9872 text: Program or service program QYCDRNWC in library QICSS ended. Reason code 2.):com.ibm.as400.access.AS400Message@5e99a5ea
DCM API call failure

The CPF9872 message has the following cause text "The specified program or service program was ended due to one of the following: 1 -- A pointer was used that is not available for use while running in the current program state. 2 -- A pointer was used, either directly or as a basing pointer, that has not been set to an address. 3 -- A pointer type was not valid for the requested operation. 4 -- An error was found while checking parameter structure. 5 -- The caller is not allowed to use this interface. Recovery . . . : Correct the parameter list passed to the program or service program and try the request again. If the reason code is 5, you will need to use a different interface.".

I've not been able to work out exactly what the problem is here. I did enable Trace and it looks to me as though the parameters going in are correct.

Some things about the code that I'm not sure about but on the surface seem wrong.

  1. The file passed to the QycdRenewCertificate is not the original Base64 encoded certificate given on the command line. It passes a temporary file, generated in the KeyStoreLoader class. The API expects an X509 Base64 encoded file.
  2. The callQycdRenewCertificate_RNWC0300 method executes the runProgram method and passes the ServiceProgramCall object in as the second parameter. The runProgram method expects a ProgramCall object as the second parameter. This maybe OK in Java.

richardm90 avatar Oct 29 '23 15:10 richardm90