To make this point even clearer, when the z/VM 5.1 system was installed, the SSLSERV (Linux kernel and all) was simply DDR-ed into a CMS file, moved over to the 5.1 system, and DDR-ed back to DASD. The IBM provided SSL code inside the SSLSERV itself is the code from 4.4. Might this be a problem? I didn't see where that code had changed in going from 4.4 to 5.1.
DJ Alan Altmark wrote: > On Friday, 10/14/2005 at 01:04 EST, Dave Jones <[EMAIL PROTECTED]> > wrote: > >>The client put a network sniffer of the incoming connection and they are >>able to see my incoming SSL connection (which makes it all the way to >>the SSLSERV SVM) and then a response back that looks like a CP error >>message: >>HCPCMD001E UNKNOWN CP COMMAND: R... >> >>This is SSLSERV running on a 5.1 image, btw. > > > That looks suspiciously like you didn't change the port number in your > PCOMM config to point to the encrypted port, so the client handshake is > going to the unencrypted port. (What the heck, activate the SSL trace. If > you don't see any activity, the connection didn't go through the SSL > server.) > > Alan Altmark > z/VM Development > IBM Endicott
