I haven't used SSL client verification by certificate, so you are past my knowledge. As an experiment, can you get a working connection using userid/password authentication.
> -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] > On Behalf Of Mark Pace > Sent: Friday, May 09, 2014 5:47 AM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: Re: z/OS FTPS Client & Linux FTP server > > I was able to get the Trace to work - after removing the -r TLS, that > generated an error. > *EZA2892I Secure port 21 does not allow the -a or -r start parameter * > > And from that trace it appears, to me, that the FTP server is not > responding correctly to the z/OS client handshake. > > 05/08/2014-16:46:27 Thd-0 INFO send_v3_client_hello(): Sent V3 CLIENT- > HELLO message > 05/08/2014-16:46:27 Thd-0 ASCII send_v3_client_hello(): V3 CLIENT-HELLO > message > 00000000: 0100002b 0301536b ed23cf50 8d72c5f7 > *...+..Sk.#.P.r..* > 00000010: 201c1c84 2fef8ce6 3228c3b3 8de37177 * > .../...2(....qw* > 00000020: a3e6e150 a3c50000 0400ff00 050100 > *...P........... > * > 05/08/2014-16:46:27 Thd-0 INFO gsk_write_v3_record(): Calling write > routine for 52 bytes > 05/08/2014-16:46:27 Thd-0 INFO gsk_write_v3_record(): 52 bytes written > 05/08/2014-16:46:27 Thd-0 INFO gsk_read_v3_record(): Calling read > routine for 5 bytes > 05/08/2014-16:46:27 Thd-0 INFO gsk_read_v3_record(): 5 bytes received > 05/08/2014-16:46:27 Thd-0 ERROR gsk_read_v3_record(): Content Type 50 > is not supported > 05/08/2014-16:46:27 Thd-0 ASCII gsk_read_v3_record(): SSL record header > 00000000: 3232302d 57 *220-W > * > 05/08/2014-16:46:27 Thd-0 ERROR gsk_secure_socket_init(): SSL V3 client > handshake failed with 10.6.0.15[21] > > > > On Wed, May 7, 2014 at 4:03 PM, Gibney, Dave <gib...@wsu.edu> wrote: > > > Add this to the FTP Client job parms: > > // > PARM=('ENVAR("GSK_TRACE=0XFFFF","GSK_TRACE_FILE=/tmp/gskwix.trc")', > > // '/-r TLS (TRACE EXIT') > > > > There is a formatted documented with gsktrace. Should get you to the > > exact error when you format gskwix.trc > > > > > -----Original Message----- > > > From: IBM Mainframe Discussion List > > > [mailto:IBM-MAIN@LISTSERV.UA.EDU] On Behalf Of Mark Post > > > Sent: Wednesday, May 07, 2014 12:55 PM > > > To: IBM-MAIN@LISTSERV.UA.EDU > > > Subject: Re: z/OS FTPS Client & Linux FTP server > > > > > > Mark, > > > > > > This may be yet another case where running strace or ltrace on the > > > server side will give you some insight into what is going on. If > > > you don't > > want to go > > > down that road, i would say it's time to open up a PMR with IBM. > > > > > > > > > Mark Post > > > > > > ------------------------------------------------------------------- > - > > > -- For IBM-MAIN subscribe / signoff / archive access instructions, > > > send > > email to > > > lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > --------------------------------------------------------------------- > - > > For IBM-MAIN subscribe / signoff / archive access instructions, send > > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > > > > > > -- > The postings on this site are my own and don’t necessarily represent > Mainline’s positions or opinions > > Mark D Pace > Senior Systems Engineer > Mainline Information Systems > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, send > email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
