Our firewall guys tried a couple different things, and I guess we
made some "progress": Now the failure is "FC0994 authServer:
secure_socket_init failed with rc = 8 (Certificate validation
error)".
You need the GeoTrust Global CA certificate
(https://www.geotrust.com/resources/root-certificates/index.html) in the
keyring used by the ftp client. That's the CA that signed the FTP
server's cert and is required for the SSL handshake.
Time to call Shopz Support, since we're trying to use the certificate
they issued. The certificate works fine for RECEIVE ORDER over a
non-SSL connection.
I'm not sure what you mean when you say "the cert works fine for RECEIVE
ORDER over a non-SSL connection." Which cert are you talking about?
The client certificate generated by Shopz? That's not used for the SSL
handshake at all. The generated client cert is used simply to carry
unique identifying information to the server, such as IBM customer number.
Kurt Quackenbush -- IBM, SMP/E Development
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
