To set the record straight, I am told that a PTF (IBMese for patch) is required for z/OS V1R13 to support TLS v1.2.
Charles -----Original Message----- From: [email protected] [mailto:[email protected]] On Behalf Of Charles Mills Sent: Friday, November 21, 2014 12:07 PM To: [email protected] Subject: RE: SSL alert number 51 Thanks guys for all of the clues! I got it working! Long story. Wow, FIPS is a moving target. I re-did my root CA with SHA 256, and my server certificate. I had to move my testing from z/OS V1R13 to z/OS V2R1 -- *apparently* V1R13 does not support TLS V1.2 which as you intimated at some point may be required for things that FIPS requires. (A corollary would seem to be that z/OS V1R13 does not support current FIPS requirements but don't quote me on that.) ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [email protected] Automated List Manager [email protected]
