Mike, > Does TN3270 support explicit/implicit SSL/TLS the same way? For > example, if I set up an explicit connection by using the TLSLABEL > and SECURECONNECTION ALLOWED statements in the INTERNALCLIENTPARMS > will the TN3270 client "negotiate" SSL much the same way FTP does > with AUTH TLS? When configuring for explicit do I also need to use > the SECURE parm on the PORT?
TN3270 behaves the same way as FTP. If the clients are going to negotiate security, there is no need for the SECURE option on the port statement. > > I'm asking this because what I'm seeing in my tests has me a bit confused. > > Config 1: > > TLSLABEL and SECURECONNECTION ALLOWED in INTERNALCLIENTPARMS. PORT > does not have SECURE parm. In this configuration we see the > "Secure connections are ALLOWED" and "TLSLABEL is...." messages in > the TCPIP startup log, but SSL-enable clients cannot connect. Non- > SSL clients can connect OK. What client(s) are you using? Regards, Miguel Delapaz z/VM Development
