In your SYSFTPD DD or equivalent specify: TLSPORT 0 ; don't treat port 990 as implicit TLS --
Frank Swarbrick Applications Architect - Mainframe Applications Development FirstBank Data Corporation - Lakewood, CO USA P: 303-235-1403 On 9/24/2009 at 7:03 AM, in message <901b5ee367d94b4180048494d49a897c052e1...@emo-exmb-m-402.main.ads.uscg.mil>, "Finley, Frank" <francis.e.fin...@uscg.mil> wrote: > Thank you for the pointers, > > It looks like the issue is resolving back to the server side running > explicit FTPS on port 990 rather than implicit which is what you would > normally expect on that port. Apparently this was done to get around some > firewall limitations with the normal port 21. > > Is there a way to force the connection to use explicit FTP on my side while > connecting to port 990, I can not seem to find any settings in the ftp.DATA > file that would do it, and my google fu is failing me. > > Thank you, > > Frank Finley, CISSP > Information Systems Security Officer > United States Coast Guard > Pay and Personnel Center, Topeka KS > (ph) - 785-339-3578 > (cell) - 785-813-1812 > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf > Of Hal Merritt > Sent: Wednesday, September 23, 2009 9:25 AM > To: IBM-MAIN@bama.ua.edu > Subject: Re: FTPS rc = 406 (Error while reading or writing data) > > One thing pops to mind: most all Windows clients will accept self signed > certificates, and z/os won't. Is the top level certificate marked as a > Trusted CA? > > The next thing to try is a more detailed trace. I don't recall exactly what > I did, but I do recall seeing that I did not have any case sensitivity > issues. I also recall seeing a very explicit message as to the exact nature > of the error. > > Of course, it took me a while to accept what it was saying. > > HTH and good luck. > > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On Behalf > Of Finley, Frank > Sent: Wednesday, September 23, 2009 9:03 AM > To: IBM-MAIN@bama.ua.edu > Subject: FTPS rc = 406 (Error while reading or writing data) > > Hello, > > I've been beating my head against the wall for a while on this one and > wondering if anyone has any thoughts that may help me in troubleshooting. I > am having issues with an FTPS connection to a remote host. IBM Z/OS 1.8 (our > side) client connecting to a Unix FTPS server running proftpd. > > This is outside a firewall, but ports have been open between our two > locations. > > Windows clients aren't having any issues connecting to their server. We are > using RACF for the certificates and I have verified that the certificate > chain is in place for the user. Is anyone able to steer me in the right > direction troubleshooting? > > ..snip > > Thank you, > > Frank Finley, CISSP > Information Systems Security Officer > United States Coast Guard > Pay and Personnel Center, Topeka KS > (ph) - 785-339-3578 > (cell) - 785-813-1812 > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html > NOTICE: This electronic mail message and any files transmitted with it are > intended > exclusively for the individual or entity to which it is addressed. The > message, > together with any attachment, may contain confidential and/or privileged > information. > Any unauthorized review, use, printing, saving, copying, disclosure or > distribution > is strictly prohibited. If you have received this message in error, please > immediately advise the sender by reply email and delete all copies. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO > Search the archives at http://bama.ua.edu/archives/ibm-main.html >>> The information contained in this electronic communication and any document attached hereto or transmitted herewith is confidential and intended for the exclusive use of the individual or entity named above. If the reader of this message is not the intended recipient or the employee or agent responsible for delivering it to the intended recipient, you are hereby notified that any examination, use, dissemination, distribution or copying of this communication or any part thereof is strictly prohibited. If you have received this communication in error, please immediately notify the sender by reply e-mail and destroy this communication. Thank you. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: GET IBM-MAIN INFO Search the archives at http://bama.ua.edu/archives/ibm-main.html
