1.  Home
  2. MIDRANGE-L
  3. November 2004

Re: SSL Telnet error

Found the answer.  In the Local Certificate Authority, the Policy Data has 
to be set to "Allow creation of user certificates" = NO.

...Neil




Neil Palmer/DPS <neilp@xxxxxxxxxxx> 
Sent by: midrange-l-bounces@xxxxxxxxxxxx
2004/11/14 22:17



To
Midrange Systems Technical Discussion <midrange-l@xxxxxxxxxxxx>
cc

Subject
SSL Telnet error






Can't figure out what this means (I hate when they list error codes, but 
there appears to be nowhere to look them up):
 
Connecting... 
Resolving SERVER.DOMAIN.COM 
SERVER.DOMAIN.COM Resolved to SERVER.DOMAIN.COM (IPV4) 
Creating a local socket... 
Local socket is connecting to remote server/host SERVER.DOMAIN.COM using 
port 992... 
Connected to remote server/host SERVER.DOMAIN.COM using port 992 
Secure socket is connecting through TLS1.0 to remote server/host 
SERVER.DOMAIN.COM using port 992... 
Failed connecting to secure remote server/host SERVER.DOMAIN.COM using 
port 992, error code 414 
Disconnecting... 
Disconnected. 

Any clue what error code 414 is ?

The QTVTELNET joblog (V5R2 target system) shows:

Message ID . . . . . . :   CPDBC84       Severity . . . . . . . :   10 
Message type . . . . . :   Diagnostic 
Date sent  . . . . . . :   11/14/04      Time sent  . . . . . . : 21:47:16 

 
 
Message . . . . :   Certificate does not have a valid format. 
Cause . . . . . :   If this error is received at initialization time for 
the 
  Secure Sockets Layer (SSL) enabled application then the AS/400 
certificate 
  is not valid.  If this error is received during handshake processing 
then 
  the remote end point's certificate is not valid. 


BUT - I have the certificate created & downloaded from the iSeries to the 
PC, it shows in the key database, 
THE VERIFY SSL CONNECTION in iSERIES NAVIGATOR (PROPERTIES / SECURE 
SOCKETS) SUCCESSFULLYVERIFIES ALL SERVERS, INCLUDING TELNET, yet I can't 
get the SSL PC5250 session to work. 
(I have configured several other iSeries systems that I can successfully 
establish SSL Telnet sessions to).

And no, the Telnet Application does NOT specify "Client authentication 
required".

...Neil

This thread ...
Follow-Ups:
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2026 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.