View previous topic :: View next topic
|
Author |
Message |
Al Kersker
New User
Joined: 03 Oct 2007 Posts: 4 Location: Cincinnati, Oh
|
|
|
|
We are a Z-OS V1R4 shop attempting to use FTP TLS/SSL to send mainframe dataset files back and forth to a Windows Server. The Windows Server has Connect Enterprise Software running for it FTP process. We have been attempting to get this to work for a few days now and decide to ask for some assistance. The messages I see in my Z-OS log is as follows:
SR2850 reply: --> 234 Security environment established - ready for negSR3544 usingUTF8: entered
FR0366 authClient: entered
FR0372 authClient: secure_socket_open()
FR0420 authClient: cipherspecs = 0A09
SR3600 getFNDELAY: entered
FR0443 authClient: secure_socket_init()
FU0374 secureRead: entered
FU0374 secureRead: entered
FU0437 secureWrite: entered
SR3635 setFNDELAY: entered
FR0459 authClient: init failed with rc = 402 (No SSL cipher specifications)
FR0856 endSecureConn: entered
BU0514 logSECURE: entered
EZYFS55I ID=FTPC100096 SECURE fails Reason=4 Text=The TLS handshake failed
SR0922 end_session: entered (sn=00189538)
The session ends after the above sequence of events. Any assistance or recommendations would be greatly appreciated.
Thanks,
Al |
|
Back to top |
|
|
dick scherrer
Moderator Emeritus
Joined: 23 Nov 2006 Posts: 19244 Location: Inside the Matrix
|
|
|
|
Hello Al and welcome to the forums,
Go Buckeyes
Are you trying to "push" from the mainframe or "pull" from the server?
I'm not familiar with "Connect Enterprise Software". Does your Win-based machine run an ftp daemon or does the Windows system only have ftp client software?
If you take the mainframe out of the loop, can you successfully ftp files to that system (not drag/drop) from some 3rd system? |
|
Back to top |
|
|
superk
Global Moderator
Joined: 26 Apr 2004 Posts: 4652 Location: Raleigh, NC, USA
|
|
|
|
FYI: Connect:Enterprise from Sterling Commerce.
[rambling]
Sometimes, I wish we would get questions every now and then about Connect:Enterprise. It would make for a nice change of pace from the same-old same-old.
I wish I had even the remotest of answers. I'd either contact Sterling directly, or go through one of the user communities.
[/rambling] |
|
Back to top |
|
|
dick scherrer
Moderator Emeritus
Joined: 23 Nov 2006 Posts: 19244 Location: Inside the Matrix
|
|
|
|
Hi Kevin,
Thanx
d |
|
Back to top |
|
|
Al Kersker
New User
Joined: 03 Oct 2007 Posts: 4 Location: Cincinnati, Oh
|
|
|
|
Hi D,
We are attempting to both push and pull from our Z-OS mainframe. The company I am working with is one of our customer and they limit what type of FTP software I can attempt to connect to them. They have other clients that connect from non-mainframe FTP products to their Windows server without any issues. We currently are researching this issue with the Sterling Software support folks. Thanks for your interest.
Al |
|
Back to top |
|
|
Alan Scott
New User
Joined: 12 Oct 2007 Posts: 2 Location: St. Louis
|
|
|
|
Please check your CIPHERSUITE options in your FTP startup parms. This is normally in in SYS1.TCPPARMS
It should look something like
CIPHERSUITE SSL_NULL_MD5
CIPHERSUITE SSL_NULL_SHA
CIPHERSUITE SSL_RC4_MD5_EX
CIPHERSUITE SSL_RC4_MD5
CIPHERSUITE SSL_RC4_SHA
CIPHERSUITE SSL_RC2_MD5_EX
CIPHERSUITE SSL_DES_SHA
CIPHERSUITE SSL_3DES_SHA
Alan |
|
Back to top |
|
|
dick scherrer
Moderator Emeritus
Joined: 23 Nov 2006 Posts: 19244 Location: Inside the Matrix
|
|
|
|
Hello Al,
Quote: |
they limit what type of FTP software I can attempt to connect to them |
Did you try via the "old" DOS command line ftp?
I've not yet found an ftp host that i could not connect to (with pretty much any desktop tcp/ip software) as long as i followed the "rules" of the ftp server. Maybe these folks are doing something i've not yet encountered. Maybe they have rules that are not yet met. . . |
|
Back to top |
|
|
|