Anyone ordering maintenance post May 1st using FTPs to download? Here was the announcement:
As of May 1, 2021, to download files from IBM's secure delivery server using FTPS, it is necessary to enable TLS 1.2 in the z/OS Communications Server FTP client program. So, we've enabled ATTLS via PAGENT TTLS Action: cAct4~TEC1_FTP_Client_Applicati Version: 3 Status: Active Scope: Connection HandshakeRole: Client CtraceClearText: Off Trace: 2 TTLSConnectionAdvancedParms: SecondaryMap: On SSLv3: Off TLSv1: Off TLSv1.1: Off TLSv1.2: On TLSv1.3: On ApplicationControlled: On CertificateLabel: DigiCert Global Root CA Connection try fails on handshake. Oddly, says TLSv1 from the IBM end. EZA1701I >>> AUTH TLS SC3362 getReply: entered SC4549 getNextReply: entered with waitForData = TRUE 234 SSLv23/TLSv1 SC4241 getLastReply: entered FC3101 authServerAttls: entered SC4405 getFNDELAY: entered SC4440 setFNDELAY: entered FC3140 authServerAttls: Start Handshake FC3149 authServerAttls: ioctl() failed on SIOCTTLSCTL - EDC8121I CONNECTION RESE T. (errno2=0x77A9733D) SC4440 setFNDELAY: entered EZA2897I Authentication negotiation failed SC4289 inSession: entered EZA1534I *** Control connection with dispby-117.boulder.ibm.com dies. SC4332 SETCEC code = 10 SC3610 endSession: entered (sn=27733B18) SC2776 dataClose: entered SC3693 endSession: recv() failed - EDC8121I CONNECTION RESET. (errno2=0x76650446 ) Its entirely possible that the PAGENT policy on our end is not correct, but its also not out of the realm of possibility that there are problems on IBM end and i why I am asking here if anyone else converted to TLSv1.2 as documented? Thanks, Dave ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN