SSL connectivity issue

robin.aspinall.extern

Hi

Could anyone assist and provide more details on what the error location might potentially means? or is the error location as such not relevant for this message?

Text: Failed to add RsslChannel(s) to RsslReactor. Channel name(s) Channel_5

Instance Name Consumer_5_671

RsslReactor 0x0000000002A08F70

RsslChannel 0

Error Id -1

Internal sysError 0

Error Location C:\Jenkins\workspace\ESDKCore_RCDEV\OS\VS140-64\rcdev\source\rtsdk\Cpp-C\Eta\Impl\Reactor\rsslReactor.c:6896

Error Text Failed to request authentication token information. Text: <C:\Jenkins\workspace\ESDKCore_RCDEV\OS\VS140-64\rcdev\source\rtsdk\Cpp-C\Eta\Impl\Reactor\Util\rsslRestClientImpl.c:1595> Error: Failed to perform the request with text: SSL connect error

wasin.w

Hello @robin.aspinall.extern

Please refer to my colleague's answer in this post. The error indicates that the API was trying to send an HTTP request message to the RDP API gateway. I highly recommend you test the issue by running a curl command in that post on the machine that encounters the issue.

If the machine does not have OpenSSL, zlib, and cURL, you can check the following resources:

• How to Build OpenSSL, zlib, and cURL libraries on Windows
• How to Build OpenSSL, zlib, and cURL Libraries on Linux

robin.aspinall.extern

Thank you for the response. If we run the curl we run into issue of "revocation server was offline"

* Trying 75.2.0.254:443...

* Connected to api.refinitiv.com (75.2.0.254) port 443 (#0)

* schannel: disabled automatic use of client certificate

* ALPN: offers http/1.1

* schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline.

* Closing connection 0

* schannel: shutting down SSL/TLS connection with api.refinitiv.com port 443

curl: (35) schannel: next InitializeSecurityContext failed: Unknown error (0x80092013) - The revocation function was unable to check revocation because the revocation server was offline.

wasin.w

Hello @robin.aspinall.extern

I checked with the API Gateway team. The issue seems to relate to your network, so I highly recommend contacting your IT team to verify your network policy/certifications.

Note: If your IT team needs the static IP Address of the api.refinitiv.com endpoint, they are the following addresses:

• 75.2.0.254
• 99.83.242.11

robin.aspinall.extern

Thank you for the answer. We have the relevant IP Addresses. The issue seems with the firewall doesn't supporting to ping a url to resolve the IP. Hence we have to whitelist IP ranges.

Is there a possibility via config or code to exclude CRL revocation check on the certificate?

wasin.w

Hello @robin.aspinall.extern

Unfortunately, the RTSDK does not have a feature to exclude CRL revocation checks on the certificate via config or code.