Set up gsktrace on z/OS and find the exect error. Search the archives on IBMTCP-L or IBM-MAIN
Dave Gibney Information Technology Services Washington State University > -----Original Message----- > From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of > Donald Russell > Sent: Wednesday, December 23, 2009 9:54 AM > To: LINUX-390@VM.MARIST.EDU > Subject: Re: FTP/TLS from zOS problems > > Well, the 234 is just the response after the client sent AUTH TLS > instead of a userid. But, a search for ftp auth tls error codes lead > me to this IBM manual... Communications Server IP User's Guide and > Commands > > which listed the error codes... > 17 FTP_AUTHENTICATION Security authentication or negotiation > failure, incorrect specification of security keywords. > > Sounds interesting, but doesn't offer many clues... sounds like the > problem could be in the SYSFTPD DD statements... > Is something misconfigured? On the client? On the server? Is the > certificate bad? (Same cert is acceptable to a web browser for https > connections, though I do have to click past a warning when using IE) > > I'm leaning toward MVS no longer trusts my cert, or doesn't trust who > signed the cert... > > That lead me to adding CLIENTERRCODES EXTENDED to those control > statements. FTP now exits with an RC of 1710 instead of 10234... Much > better :-) > > 17 means the same as above, 10 means "OPEN"... hmmm > > Well, I'll keep digging. > > Cheers > > > On Wed, Dec 23, 2009 at 09:08, Stewart Thomas J > <stewartthom...@johndeere.com> wrote: > > If I remember correctly, what you want to do is search for "FTP > client reply code 234" on a web search engine. I think you need to > break this into mmnnn, where mm is a command code and nnn is the FTP > client reply code. Most of these are standard codes, so 234 is > documented in the RFC for the AUTH TLS FTP subcommand. > > > > Tom Stewart > > Mainframe OS, Networking & Security > > www.johndeere.com > > > > > > -----Original Message----- > > From: Linux on 390 Port [mailto:linux-...@vm.marist.edu] On Behalf Of > Donald Russell > > Sent: Wednesday, December 23, 2009 10:57 AM > > To: LINUX-390@VM.MARIST.EDU > > Subject: FTP/TLS from zOS problems > > > > When I try to use FTPS from zOS to RHEL zLinux I get these messages > after connecting: > > > > 220 (vsFTPd 2.0.5) > >>>> AUTH TLS > > 234 Proceed with negotiation. > > Authentication negotiation failed > > Unable to successfully negotiate required authentication Std Return > Code = 10234, Error Code = 00017 FTP Complete: RC = 10234 > > > > > > Where can I find the meanings of these error codes? > > > > The puzzling thing for me right now is this USED to work... I'd get > Authentication successful, and the transfer would continue with no > problems. > > > > Anyway, tracking down the root cause of the failure will probably > help. :-) > > > > Thanks > > > > --------------------------------------------------------------------- > - > > For LINUX-390 subscribe / signoff / archive access instructions, send > email to lists...@vm.marist.edu with the message: INFO LINUX-390 or > visit http://www.marist.edu/htbin/wlvindex?LINUX-390 > > > > --------------------------------------------------------------------- > - > > For LINUX-390 subscribe / signoff / archive access instructions, > > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 > or visit > > http://www.marist.edu/htbin/wlvindex?LINUX-390 > > > > ---------------------------------------------------------------------- > For LINUX-390 subscribe / signoff / archive access instructions, > send email to lists...@vm.marist.edu with the message: INFO LINUX-390 > or visit > http://www.marist.edu/htbin/wlvindex?LINUX-390