All,

I'm getting the following errors when trying to verify my SSL
connection to a box...

CWBCO1034 - SSL error, function handshake() returned 25414
CWBCO1050 - The iSeries server application (XXXXXXX) certificate is not trusted
CWBCO1008 - Unable to connect to server application XXXXXXX, returned 25414

The iNav help says:
CWBCO1050

Cause
The server certificate is not trusted. This usually occurs when you
have not downloaded the public Certificate Authority certificate for
the server certificate to the PC key database or have the public
Certificate Authority certificate marked as not trusted in the PC key
database.

Recovery
Use the IBM Key Management Utility on the PC to check that the
appropriate public Certificate Authority certificates are marked as
trusted.

There are three ways to download the public Certificate Authority certificate:
----- Use iSeries Navigator:

1 Open iSeries Navigator (Start > IBM iSeries Access for Windows >
iSeries Navigator).
2 Right-click the server you are trying to connect to and select Properties.
3 From the Secure Sockets tab, press Download.

----- Use the iSeries Digital Certificate Manager to download the
public Certificate Authority certificate to a PC web browser, export
it from the browser, and then use the IBM Key Management Utility on
the PC to import the public Certificate Authority certificate into the
PC key database.

----- Use the CWBCOSSL tool, which was shipped with iSeries Access for
Windows and is available in the install directory.

I've tried the first and the second option and have confirmed that
there's a certificate in my PC key database (using the IBM Key
Manager) and that the certificate is marked as a trusted root.

I also found this document,
http://www-01.ibm.com/support/docview.wss?uid=nas167043eb1c7390f5e862570a100440574
which suggested this error could be seen if the key database was not
located in a directory to which I had the right authorities. So I
created a new key database in "My Documents" and configured iSeries
Access to use it. Again, downloading the CA cretificate using the
first and third options above, making sure it was marked as a trusted
root.

Still I get the same error.

Found a message in the archives from a few years back, where somebody
was having the same issue...but no solution was posted
http://archive.midrange.com/midrange-l/200304/msg01821.html

Thoughts?

Thank you,
Charles Wilt

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.