After applying RSU maintenance to our zos1.13 sandbox system I have run into a problem (that I expected from reading the hold data) with TN3270 and SSL. SSLv2 & 3 are now defaulted to off. All our tn3270 sessions are configured to use ssl, I tested with TLS and they work fine. I'd like to enable ssl3 until we can get all the tn3270 users changed over to tls on my terms. * The PTF disabled SSL by default, but they can be enabled explicitly.
According to the apar info it is possible to override the new default (ssl off) in 2 ways, one with environment variable and the other (not the preferred method) with RACF profiles. Any help in getting this resolved is appreciated. Matt So far I have tried adding the below to /etc/profile export GSK_PROTOCOL_SSLV3_ON export GSK_PROTOCOL_SSLV2_ON And add the below to my telnet profile, I still cannot connect using ssl. ENCRYPT SSL_RC4_SHA SSL_RC4_MD5 SSL_AES_256_SHA SSL_AES_128_SHA SSL_3DES_SHA SSL_DES_SHA SSL_RC4_MD5_EX SSL_RC2_MD5_EX SSL_NULL_SHA SSL_NULL_MD5 SSL_NULL_Null ENDENCRYPT ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
