On 12/29/2022 3:30 PM, Harry Wahl wrote:
Does the root CA certificate on the bottom of the server chain have the "Trust"
attribute set (or in a trusted location)?
Is it presenting its server chain properly?
OPENSSL is your friend here. It's free to download. Use "openssl s_client -connect
192.168.10.193:21 -showcerts"
Digging into this (to answer your questions), I ended up generating an
error 428 and the description there told me:
"Certificates that are meant to represent a server or client must be
connected to a SAF key ring with a USAGE value of PERSONAL and either be
owned by the user ID of the application or be SITE certificates."
So, I deleted and re-added the cert as type SITE, reconnected it to the
keyrings, and SHAZAM -- It works!
Many thanks to you and Attila Fogarasi for the tip about OPENSSL. I will
download it and give it a try for sure...
--
Phoenix Software International
Edward E. Jaffe
831 Parkview Drive North
El Segundo, CA 90245
https://www.phoenixsoftware.com/
--------------------------------------------------------------------------------
This e-mail message, including any attachments, appended messages and the
information contained therein, is for the sole use of the intended
recipient(s). If you are not an intended recipient or have otherwise
received this email message in error, any use, dissemination, distribution,
review, storage or copying of this e-mail message and the information
contained therein is strictly prohibited. If you are not an intended
recipient, please contact the sender by reply e-mail and destroy all copies
of this email message and do not otherwise utilize or retain this email
message or any or all of the information contained therein. Although this
email message and any attachments or appended messages are believed to be
free of any virus or other defect that might affect any computer system into
which it is received and opened, it is the responsibility of the recipient
to ensure that it is virus free and no responsibility is accepted by the
sender for any loss or damage arising in any way from its opening or use.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
