Overview
There might be cases where a trigger using SFTP stops working, showing an error in the /var/adm/appletalk/trigger.log file similar to the below one:
*** Executing [/usr/etc/webnative/actions/transfer/transfer]
transfer action: File /volumes/reports/Report.csv not transferred to 10.1.0.22 -- curl error 51
tr_execaction: Exiting... Status: [1]
*** Action Failed!!! status[1] ONFAIL: Notifying [email][-None-]
tr_execaction: Attempting to exec: [email|-None-]
tr_execaction: *** Error: Action[email] has a NULL Setting[-None-] Failing...
tr_execaction: *** Error: tr_execaction failed! err=[-6]
tr_runruleactions: Finished actions for rule ID[445]
The curl error 51 means that no alternative certificate subject name matches target hostname. Hence, it will not let you transfer files with the SFTP trigger.
Root Cause
SSL Certificate is corrupted or expired on the target server.
Solution
You need to contact the system administrator of the target server to fix the issue with the certificate. In the meantime, before the issue is solved, you can apply the workaround below to make the SFTP trigger work.
Workaround
- On the server where Xinet Server is installed, take a backup of the transfer configuration file that is located in the following path
/usr/etc/webnative/transfer/transfer. - Open the transfer configuration file specified in the previous step and find the line that starts with
set curlargs:
- Add the
-kflag to the arguments. This option explicitly allows the system to perform insecure SSL connections and transfers.
The line should look like this:
set curlangs = "-f -L -s -S -k"
- Save the changes made to the file.
Confirmation
Repeat the actions that trigger an SFTP transfer; the file transfer should be completed this time and the /var/adm/appletalk/trigger.log file should not contain this kind of error messages.
Priyanka Bhotika
Comments