What does your Security Configuration window look like and what values do
you have set ?
Marci Beach
From:
Michael Coffin <[email protected]>
To:
[email protected]
Date:
03/25/2009 03:25 PM
Subject:
Re: SSL Encryption For TN3270
Hi Alan,
Good call on PREFERRED vs. ALLOWED, but unfortunately that didn't clear
it up (but I think I will keep PREFERRED as the setting).
I put a trace on Telnet but its 250+ lines so rather than include it in
this email if you are interested you can see the trace here:
http://www.mccci.com/misc/telnet_trace.txt
Does anything look out of the ordinary in that trace?
-Mike
-----Original Message-----
From: The IBM z/VM Operating System [mailto:[email protected]] On
Behalf Of Alan Altmark
Sent: Wednesday, March 25, 2009 1:45 PM
To: [email protected]
Subject: Re: SSL Encryption For TN3270
On Wednesday, 03/25/2009 at 12:00 EDT, Michael Coffin
<[email protected]> wrote:
> Thanks Miguel, you confirmed my understanding - but the darned client
isn't
> behaving the way it should. The client is Attachmate InfoConnect
> 8.1.
>
> When a TN3270 client connects using SSL in Config 1 (explicit, no
SECURE parm
> on PORT) I see the connection open, the IP and port are reported, and
the
> connection closes immediately in the TCPIP console log. There is
nothing on
> the SSL server console (with TRACE ALL):
>
> 11:37:08 DTCSTM305I Telnet server: Secure Connections are ALLOWED
> 11:37:08 DTCSTM309I Telnet server: TLS Label is NOTSHOWN
> 11:44:17 DTCSTM163I Telnet server: Conn 0: Connection opened 03/25/09
at
> 11:44:17
> 11:44:17 DTCPRC150I Conn 0: Foreign internet address and port: net
address =
> 10.215.0.218, port= 3651
> 11:44:17 DTCSTM349I Telnet server: Conn 0: Connection closed 03/25/09
at
> 11:44:17
Try setting SECURECONNECTION PREFERRED in PROFILE TCPIP. If that works,
please open a PMR so that we can figure out why ALLOWED doesn't work.
The difference is whether (preferred) or not (allowed) the server
proposes
the use of TLS.
Alan Altmark
z/VM Development
IBM Endicott
