Rob,
Sorry for the late reply. The mismatch of ciphers was ADCD, this version of
z/OS appears to give the customer a subset of ciphers. I am in the process
of contacting IBM to find out more information. We have it working on the
supplied ciphers. My concern of course is what the customer is using
Diagnosis Guide with a direct hit
http://www-01.ibm.com/support/knowledgecenter/SSLTBW_2.1.0/com.ibm.zos.v2r1.hald001/atprble.htm
q0 - did you copy one of the GUI samples for the AT-TLS setup or build it
from scratch?
q1 - what ciphers did you select in Config Assistant or z/OSMF when you
setup
Correction: This is the server supported cipher list
Set GSK_V3_CIPHER_SPECS_EXPANDED(214) - C02FC030009E009F009C009D002F0035000A
Client ciphers are in the client hello. 2nd packet in ATTLS trace below: (002F
0035 0005 etc)
RECV CIPHER 160301005F
If you use trace level: "Trace 127 " you will get debugging info
on ciphers and other things.
Cipher list presented by client:
CONNID: DA17 RC:0 Set GSK_V3_CIPHER_SPECS_EXPANDED(214) -
C02FC030009E009F009C009D002F0035000A
Cipher chosen by server:
CONNID: DA17 RC:0 Get GS
installed.
Mike Wawiorko
Please consider the environment before printing this e-mail
-Original Message-
From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf
Of Scott Ford
Sent: 13 May 2015 23:20
To: IBM-MAIN@LISTSERV.UA.EDU
Subject: AT-TLS question , issue
ERV.UA.EDU
Subject: AT-TLS question , issue
All,
We are running z/OS 1.13 and I have AT-TLS configured with PAGENT and SYSLOGD.
We are testing a Java client inbound to a COBOL STC running CICS Sockets
(ezasoket). In our testing we are seeing a EZD1287I TTLS Error RC:
402 Initial Handshake. The server
All,
We are running z/OS 1.13 and I have AT-TLS configured with PAGENT and
SYSLOGD. We are testing a Java client inbound to a COBOL STC running CICS
Sockets (ezasoket). In our testing we are seeing a EZD1287I TTLS Error RC:
402 Initial Handshake. The server is showing a socket-read errno=54 -
Eco