What this message means is that it can't decrypt a record (and thats an SSL record, not a 5250 record) that was sent to it.
Your config file looks okay to me, I don't think this is a config issue. We're using OpenSSL (http://www.openssl.org) for the SSL routines, so we don't do any of the encryption/decryption ourselves, we let OpenSSL do it. I tried searching the OpenSSL mailing lists, and there are other people who have had this type of problem, but I can't find a resolution. (tho, the search software for those lists isn't the greatest) The only thing I can think of is trying to update to a newer version of OpenSSL, and see if that will solve the problem. Unfortunately, I can't reproduce the problem locally (SSL works perfectly for me) so I'd need your help to try things out. Are you willing to help? On Fri, 24 May 2002, BjM wrote: > > I'm attempting to connect tn5250 over SSL to a known IP:port. I've been > using IBM SafeWay Host-on-Demand Java 5250 client previously. Here is > the trace line in question, any suggestions?: > > 4293384889:error:1408F455:SSL routines:SSL3_GET_RECORD:decryption > failed or bad record mac:.\ssl\s3_pkt.c:450: > sslstream: SSL_connect() failed, errnum=0 > > Here is my setup tn5250rc: > > map=37 > font_80=Terminal > example1 { > env.TERM=IBM-3477-FC > env.DEVNAME=EXMP123 > +ssl_verify_server > trace=foo.txt > host=ssl:example.com:50855 > } > _______________________________________________ This is the Linux 5250 Development Project (LINUX5250) mailing list To post a message email: [EMAIL PROTECTED] To subscribe, unsubscribe, or change list options, visit: http://lists.midrange.com/cgi-bin/listinfo/linux5250 or email: [EMAIL PROTECTED] Before posting, please take a moment to review the archives at http://archive.midrange.com/linux5250.
