Do you get any other error messages? What symptoms (other than cannot connect) do you see?
Have you joined the TCPIP List? If not, that might another place to post this question. To join, if you have not done so, use this TCPIP To subscribe, send mail to lists...@vm.marist.edu with the command (paste it!) in the e-mail message body: SUBSCRIBE IBMTCP-L Or this url and go to the bottom of the webpage: http://www2.marist.edu/htbin/wlvindex?IBMTCP-L Lizette > -----Original Message----- > From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSERV.UA.EDU] On > Behalf Of Dazzo, Matt > Sent: Wednesday, February 24, 2016 12:36 PM > To: IBM-MAIN@LISTSERV.UA.EDU > Subject: SSLv3 & SSLv3 - APAR OA47183, PTF UA75508 > > After applying RSU maintenance to our zos1.13 sandbox system I have run into a > problem (that I expected from reading the hold data) with TN3270 and SSL. > SSLv2 & 3 are now defaulted to off. All our tn3270 sessions are configured to > use ssl, I tested with TLS and they work fine. I'd like to enable ssl3 until > we can get all the tn3270 users changed over to tls on my terms. > * The PTF disabled SSL by default, but they can be enabled explicitly. > > According to the apar info it is possible to override the new default (ssl > off) in 2 ways, one with environment variable and the other (not the preferred > method) with RACF profiles. Any help in getting this resolved is appreciated. > Matt > > So far I have tried adding the below to /etc/profile export > GSK_PROTOCOL_SSLV3_ON export GSK_PROTOCOL_SSLV2_ON > > And add the below to my telnet profile, I still cannot connect using ssl. > > ENCRYPT > SSL_RC4_SHA > SSL_RC4_MD5 > SSL_AES_256_SHA > SSL_AES_128_SHA > SSL_3DES_SHA > SSL_DES_SHA > SSL_RC4_MD5_EX > SSL_RC2_MD5_EX > SSL_NULL_SHA > SSL_NULL_MD5 > SSL_NULL_Null > ENDENCRYPT ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
