Amazing - how do you find this stuff?

Google.


Any way, I went to the web site and CALLed the program.  I was then able to
get into the certificate store *AND* the results of my FTP attempt changed
from "Secure connection error, return code -93" to "Secure connection error,
return code -23" with -23 indicating "Certificate is not signed by a trusted
certificate authority".

Do you understand what that means, or do you need an explanation?


I believe the site to which I am attempting to connect uses a Verisign
certificate.  The only Verisign certificate in my certificate store appears
to be expired (validity period 2/3/98 - 3/4/03).

Are you looking at the certificate authority (CA) certificates? You should have at least 3 different VeriSign certificates there for VeriSign classes 1,2,3.


I have asked my contact to send me a copy of the certificate which they are using. My intent is to copy that certificate into my *SYSTEM CA.

Make sure it's the CA certificate. The server or client certificate won't do you any good. If the CA certificates for VeriSign are actually expired, IBM should provide you with a PTF that fixes it.

I know that there was a problem back in January 2004 where the VeriSign certificates had all expired, and IBM fixed that problem with a PTF.


Am I on the right track?

Maybe? We know that the certificate couldn't be verified as "trusted", and this means that the system was unable to verify the certificate against the CA certificate.

The next step for me would be to use the OpenSSL program to download the certificates from the server and see who the signer was so that I could make sure there's a corresponding CA cert in my certificate store.

Assuming that you've done something equivalent to that, you're on the right track.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.