gt; Ken Mazer
> This Cranky Systems Programmer says “Share your knowledge, others may find it
> useful”
>
>
> -Original Message-
> From: IBM Mainframe Discussion List On Behalf Of
> Donald J
> Sent: Saturday, October 19, 2019 9:26 AM
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subj
Thanks Jim & Brian
We have Visara which seems to not be working.
Ticket is open on it.
> Sent: Saturday, October 19, 2019 at 1:08 AM
> From: "Brian Westerman"
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: Standalone DFDSS
>
> Jim is correct, all it takes is for one of the consoles that is attache
Question is about generating an interrupt on a console for a standalone restore.
I read this previous post:
https://groups.google.com/forum/#!topic/bit.listserv.ibm-main/lX4ZGaoUH_s
So for a z13 would the interrupt needed be the one described in
zEnterprise System
Support Element Operations Guide
Paul Gilmartin" <000433f07816-dmarc-requ...@listserv.ua.edu>
> To: IBM-MAIN@LISTSERV.UA.EDU
> Subject: Re: problem with FTP from Windows 10 to z/OS
>
> On Wed, 6 Jun 2018 13:50:22 +0200, Donald J wrote:
>
> >You could write a VBscript that creates your FTP script.
>
You could write a VBscript that creates your FTP script.
Store the password in a Win10 user or volatile environment variable.
The VBscript could run the FTP script, then delete the script file,
so there is no password kept on disk for more than the duration of
the ftp.
I would also recommmend usin
>Though the IRS has periodically upgraded its computing system,
>today’s system is still running the same code, which was written
>nearly 60 years ago.
Six years ago, they had job openings listed for 200 assembler
programmers spread across a dozen cities. Guess maybe those
people haven't insta
When the disaster hits, you may not be one of the survivors.
So plan needs to be prepared and ready in advance such that
any admin could execute it.
For us, Sungard labels the floor volumes as SG.
A VM guest definition should be provided to you in advance with
dasd definitions such as:
*
* 339
I notice your cert display did not list a "Key Usage" section.
X509v3 Key Usage: critical
Digital Signature, Key Encipherment, Data Encipherment
Digital Signature and Data Encipherment are defaults, but
KeY Encipherment does not default and needs to be specified
in Key Usage.
X
We are continuing to use the zAware LPAR and its data, but not much with the
zAware app.
I download the zAware data to my laptop, manipulate and filter it with scripts,
and output
it to an updated web page every 10 minutes.
Sent: Friday, September 08, 2017 at 2:44 AM
From: "Styles, Andy (ITS z
>I have also heard that there is an old system at University of Kentucky
>Medical Center
I had a phone interview with them about 6 years ago.
They were making all there IT employees "re-apply" for their current positions
and compete
with outsiders for their positions. I have never heard of that
Toyota used to be in Georgetown KY.
WPAFB used to hire a lot of mainframe contractors.
There are also a couple of insurance companies in Cincinnati.
Cincinnati bell possibly.
State of KY might have a mainframe in Frankfort.
There is a federal site in Fort Knox with mainframes, might be Army.
Splunk looks very interesting.
Too bad they don't support z/Linux.
--
Donald J.
dona...@4email.net
On Fri, Feb 10, 2017, at 06:44 AM, Pew, Curtis G wrote:
> On Feb 10, 2017, at 8:30 AM, Donald J. wrote:
> >
> > What programs (free or IBM or other) are available
keywords are then returned.
--
Donald J.
dona...@4email.net
On Fri, Feb 10, 2017, at 06:36 AM, Lizette Koehler wrote:
> So you can use (depending on level of z/OS) the SDSF REXX function.
> REXX
> DFSORT
> SAS
> CA EASYTRIEVE
> CA EARL
> SYNSORT
>
> And so
What programs (free or IBM or other) are available for doing historical keyword
searches against the SYSLOG or OPERLOG archives? ISPF or otherwise.
--
Donald J.
dona...@4email.net
--
http://www.fastmail.com - Email service worth paying for. Try it for free
http://www.support.xerox.com/support/xpaf/support/enus.html
--
Donald J.
dona...@4email.net
On Wed, Jan 18, 2017, at 09:51 PM, venkat kulkarni wrote:
> Hello Group,
>
> Currently we are using mainframe printer with bus and tag connectivity with
> Xerox printer via prism har
I tried to re-apply for an opening.
Got to page 9 of the 10 page online form.
It said something about if former employee, fill out item X.
Unfortunately item X was not on that page, and hitting
NEXT button asked again to complete item X.
--
Donald J.
dona...@4email.net
On Tue, Dec 13
type: text/html"
#-trace /u/curl/curlhttp.trace.log
--
Donald J.
dona...@4email.net
On Wed, Nov 30, 2016, at 08:16 AM, Dyck, Lionel B. (TRA) wrote:
> Thank you - I'll pass that along as an option - was told ftp/sftp was no
psftp is an sftp client available with the putty download.
--
Donald J.
dona...@4email.net
On Fri, Nov 18, 2016, at 02:09 AM, venkat kulkarni wrote:
> Hello,
>
> We are doing sftp implementation but I am not able to find way to test this
> scenarios. For ftp, i can test usin
h non-RACF passwords
in a separate ITDS backend. And configure it as you please.
--
Donald J.
dona...@4email.net
On Thu, Nov 17, 2016, at 01:44 AM, venkat kulkarni wrote:
> We need LDAP for two user id authentication purpose. Do we have any way to
> implement this change
>
> On Nov 17
try tracing the batch job name.
your job is a client which does not use your ftp server,
it uses the ibm smp ftp server.
--
Donald J.
dona...@4email.net
On Wed, Nov 16, 2016, at 11:19 AM, Ward, Mike S wrote:
> Hello all, we are having a little FTPS problem. As you can see below we
What is the output of :
RACDCERT ID(MP81136) LISTRING(bexarftp)
--
Donald J.
dona...@4email.net
On Wed, Sep 14, 2016, at 08:05 AM, Mark Pace wrote:
> I'm having them look at the firewall. I tired HTTPS, but I believe at 1.13
> it required a PTF to support https. They must
SIb3DQEBBQUA
A4GBAFjOKer89961zgK5F7WF0bnj4JXMJTENAKaSbn+2kmOeUJXRmm/kEd5jhW6Y
7qj/WsjTVbJmcVfewCHrPSqnI0kBBIZCe/zuf6IWUrVnZ9NA2zsmWLIodz2uFHdh
1voqZiegDfqnc1zqcPGUIWVEX/r87yloqaKHee9570+sB3c4
-END CERTIFICATE-
--
Donald J.
dona...@4email.net
On Wed, Sep 7, 2016, at 02:02 PM, John Eells w
Share 117 thru 125 were loaded at orderly locations:
https://share.confex.com/share/117/webprogram/uploadlistall.html
...
https://share.confex.com/share/125/webprogram/uploadlistall.html
They seem to have migrated off that trail with 126.
--
Donald J.
dona...@4email.net
On Mon, Aug 15
nfo: Closing connection 0
The http server port 443 accepts 1.0/1.1/1.2.
--
Donald J.
dona...@4email.net
On Mon, Aug 15, 2016, at 07:01 AM, Richards, Robert B. wrote:
> Dave,
>
> It is not just you. I sent a note at 6:48am entitled
this one connection.
--
Donald J.
dona...@4email.net
On Wed, Jul 20, 2016, at 07:51 AM, Walser, Susan L wrote:
> Greetings All,
>
> Has anyone set this up using RACF and the GEO.Trust.Cert who would be
> available to answer a few questions for me? I have the key ring adde
-signed
certs. The ranting about purchased vendor certificates is "off topic".
--
Donald J.
dona...@4email.net
On Wed, Jun 22, 2016, at 08:17 AM, Charles Mills wrote:
> Right.
>
> This is the confusion on what self-signed means.
--
http://www.fastmail.com - IMAP
authorityInfoAccess due to probable ASCII/EBCDIC issues. But
those items aren't needed for basic testing.
--
Donald J.
dona...@4email.net
--
http://www.fastmail.com - Send your email first class
--
For IBM-MAIN subscribe / signoff / ar
after you get it working.
Also do you have the host names defined in a
host table or DNS server?
--
Donald J.
dona...@4email.net
On Tue, Jun 21, 2016, at 01:47 PM, Jasi Grewal wrote:
> Greetings, I am trying to mount this zLinux Filesystem on zOS using NFS with
> the following comma
used the compiler on previous versions is to compile the
XAUTH program, and it should be upward compatible for new releases.
--
Donald J.
dona...@4email.net
--
http://www.fastmail.com - Does exactly what it says on the tin
Authority
--
Donald J.
dona...@4email.net
On Tue, May 17, 2016, at 05:08 PM, Andrew Rowley wrote:
> On 18/05/2016 0:53, John Eells wrote:
> > - Added support for both SHA-2 (SHA-256) and 2048-bit RSA certificates.**
> > - Put the package signing verification certificate wher
- 82 03 7d 30 82 02 e6 a0-03 02 01 02 02 03 12 bb ..}0
05f0 - e6 30 0d 06 09 2a 86 48-86 f7 0d 01 01 05 05 00 .0...*.H....
--
Donald J.
dona...@4email.net
On Tue, May 17, 2016, at 03:24 PM, Donald J. wrote:
> John,
>
> I don't think you have the right GeoT
that, your IBM cert and the GeoTrust SSL CA - G3 cert
will both be sha2. It is not significant that the GeoTrust Global CA root
certificate is sha1.
--
Donald J.
dona...@4email.net
On Tue, May 17, 2016, at 07:53 AM, John Eells wrote:
> So...suppose we were to do something like this*:
&g
Try doing your javac like below from your home directory.
Then see if any useful info is in your file javac.log
javac -J-Xverbosegclog:javac.log -J-XX:+PrintGCDetails -J-XX:+PrintGCTimeStamps
-help
--
Donald J.
dona...@4email.net
On Sat, May 7, 2016, at 08:25 AM, Phil Smith III wrote
Does adding "NOSOURCEROUTE ENABLED" to your SMTP task config
change anything?
--
Donald J.
dona...@4email.net
On Wed, Apr 27, 2016, at 05:05 PM, Field, Alan wrote:
> We run SMTP on one lpar (z/OS 2.1).
>
> Recently we switched our mail server from Notes to Exchange.
>
Great. Now the difficult part begins - figuring out how to use it.
I think the recommended procedure for the old method was to create a base config
with no plugins, then add the plugins by running izusetup again with the -add
parameter,
and A values in your override file.
--
Donald J
>...and I tried with Donald suggestion and unfortunately it did not worked.
Post the output from the openssl s_client command.
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to lists...@listserv.ua.e
Try SSLProtocolEnable TLSv12 instead of TLSv1.2
You can test with an openssl command similar to:
openssl s_client -connect 12.34.56.78:443 -tls1_2
--
Donald J.
dona...@4email.net
On Tue, Mar 29, 2016, at 02:26 PM, Jasi Grewal wrote:
> Greetings, We are using Apache Web Server on z/OS sys
he is on CICS 5.2, not 5.3.
--
Donald J.
dona...@4email.net
On Thu, Mar 24, 2016, at 09:16 AM, McCabe, Ron wrote:
> IBM would prefer that you use MINTLSLEVEL...
>
> The ENCRYPTION system initialization parameter has been deprecated. Use the
> MINTLSLEVEL system initializati
Allows the use of TLS v1.0 (this is the default).
ENCRYPTION=SSLV3 Allows the use of TLS v1.0 and SSL V3.0.
--
Donald J.
dona...@4email.net
On Thu, Mar 24, 2016, at 08:37 AM, Lopez, Sharon wrote:
> A federal agency changed to TLS v1.2 over the weekend
ious if IBM has tested that mode? Can you confirm?
--
Donald J.
dona...@4email.net
On Fri, Mar 11, 2016, at 01:56 PM, Kurt Quackenbush wrote:
> > Their server also seems to require use of the CCC subcommand to clear the
> > command channel.
>
> To be clear, IBM's serv
You need RemotePortRangeRef for port 21.
Port 21 is remote.
--
Donald J.
dona...@4email.net
On Fri, Mar 11, 2016, at 12:21 PM, Gibney, David Allen wrote:
> Actually, I do:
> TTLSRule ftp_c
CA
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
3 s:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority
--
Donald J.
dona...@4email.net
On Thu, Mar 10, 2016, at 06:45 AM, Jousma, David wrote:
> I had to come up wi
/u/appl/xsd is simply a user folder for user xsd files.
xsdosrg binary is in /bin
The OUTFILE and INFILE were obviously not needed either.
They were used for additional STDIN input commands for
co:z hybrid batch processing which I did not list.
--
Donald J.
dona...@4email.net
*
cd /u/appl/xsd
xsdosrg -v -o IRS.osr IRS-EXT-ACA-AIR-7.0.xsd
--
Donald J.
dona...@4email.net
On Fri, Jan 29, 2016, at 12:23 PM, Zierdt, Richard A (IS) wrote:
> IBM-Main is not the likely forum for this - an
to the IPL diagnostic area.
Add X'28' to the address in X'14', and also read this as a real address in
central storage.
The result is the 31-bit virtual address of the IPL vector table (IVT).
--
Donald J.
dona...@4email.net
On Fri, Jan 22, 2016, at 06:35 AM, R.S. wrote:
> I t
4
which is less desirable than the above.
--
Donald J.
dona...@4email.net
On Thu, Jan 21, 2016, at 05:06 AM, David Crayford wrote:
> > I also manage manually with generic symlinks. I do this for Apache
> > webserver as well.
>
> Why? I'm interested why you woul
There is also same option for the SE TCP menu item.
BMC is probably the Baseboard Management Controller. You could
check the bios and see if there is an option to turn DHCP on/off on
the BMC.
--
Donald J.
dona...@4email.net
On Mon, Nov 23, 2015, at 06:27 AM, Tony Thigpen wrote
Select the Network Diagnostics icon from both your HMC and SE and then click
on the menu bar TCP option to display all socket connections.
--
Donald J.
dona...@4email.net
On Fri, Nov 20, 2015, at 09:00 PM, Tony Thigpen wrote:
> Background: HMC software version 2.11.1 connected to a
t tell which SR level I have from this. I'm Java ignorant, so I'll
> have to try to figure what these Java overrides you speak of.
>
> On Fri, Oct 2, 2015 at 9:50 AM, Donald J. wrote:
>
> > The return code 12 / 11060 is because your Java provider list includes
>
The return code 12 / 11060 is because your Java provider list includes
com.ibm.crypto.hdwrCCA.provider.IBMJCECCA
zOSMF uses Java SSL, not System SSL.
Java 7 SR3 is minimum requirement for zOSMF.
You probably need some Java overrides to eliminate attempt
to use hardware crypto.
--
Donald J
ation.
--
Donald J.
dona...@4email.net
On Wed, Sep 30, 2015, at 01:06 PM, Mark Pace wrote:
> One last piece of information - this system runs as a guest of z/VM.
>
> On Wed, Sep 30, 2015 at 3:59 PM, Mark Pace wrote:
>
> > One other piece of information - the reasonCode
> > 2
>Or am I naive in thinking that this is a for real and not a scam?
No. Marco has posted a number of RACF questions previously.
--
Donald J.
dona...@4email.net
On Wed, Jul 22, 2015, at 03:04 AM, Aled Hughes wrote:
> Marco, I have to ask in John McEnroe's famous words - &qu
after the "Trace 15", add something like this:
{
SyslogFacility auth
}
--
Donald J.
dona...@4email.net
On Wed, Jun 10, 2015, at 12:16 PM, Scott Ford wrote:
> Guys/Gals:
>
> We have a
> 0090 EZD1285I TTLS Data CONNID: 0014 SEND CIPHER 1503020002020A
The 1503020002020A is an SSL alert packet with a fatal error:
Unexpected message
You should run GSK traces to see why the packet is unexpected.
--
Donald J.
dona...@4email.net
On Fri, Jun 5, 2015, at 08:45 AM, Sc
RECV CIPHER
015B030155548ECF35553E488B83C575E3ED52CAA2E0C8DBB37AA97EEAC35115EAC90CB81
0002F00350005000A00320038 ...
--
Donald J.
dona...@4email.net
On Thu, May 14, 2015, at 04:56 AM, Donald J. wrote:
> If you use trace le
:0 Get GSK_CONNECT_SEC_TYPE(208) - TLSV1
CONNID: DA17 RC:0 Get GSK_CONNECT_CIPHER_SPEC(207) - 002F
--
Donald J.
dona...@4email.net
On Wed, May 13, 2015, at 03:20 PM, Scott Ford wrote:
> All,
> We are running z/OS 1.13 and I have AT-TLS configured with PAGENT and
&
You misspelled websphere.
Try this with a capital S and no space. Label must exactly match.
racdcert CERTAUTH alter(label('WebSphereCA')) notrust
--
Donald J.
dona...@4email.net
On Wed, Apr 22, 2015, at 06:08 AM, nitz-...@gmx.net wrote:
> All,
>
> I am new to this c
Can someone recommend a good DB2 Forum?
The one at IBM developerWorks is not very active.
As example, 17 of the last 25 questions have gone
with 0 replies. 6 of those with only 1 reply.
I do see an IDUG DB2-L forum.
--
Donald J.
dona...@4email.net
--
http://www.fastmail.com - Does
LDAP would be required if you want to check
for revoked certificates from PAGENT or CICS.
LDAP could be somewhere besides z/os though.
--
Donald J.
dona...@4email.net
On Thu, Oct 30, 2014, at 12:18 PM, Dazzo, Matt wrote:
> We are starting to look at certificate management, I was wonder
According to Share document "CICS Identity and Security" from Pittsburgh 2014,
only sha1 is supported on outbound signature?
Just curious, how did you determine the same required signature was not
produced?
--
Donald J.
dona...@4email.net
On Tue, Oct 28, 2014, at 11:34 AM, Wa
You are not supplying valid bind credentials. Suggest you get any ldapsearch
to work first using
TESTUSER's bind credentials. Then the password can be changed with just the
addition of /newpwd
after the current password on the ldapsearch.
--
Donald J.
dona...@4email.net
On Wed
mainframe only.
--
Donald J.
dona...@4email.net
On Wed, Oct 22, 2014, at 04:23 AM, Tim Brown wrote:
> This gets a 0 but the password is still the old one
>
> sh /bin/ldapsearch -h 127.0.0.1 -p 389 -s base
> -w oldpwd
> -n oldpwd
That would be your SUFFIX parameter value.
--
Donald J.
dona...@4email.net
On Tue, Oct 21, 2014, at 01:30 PM, Tim Brown wrote:
> Thanks , where is RACFSY7 referred to in DSCONFIG?
>
> -Original Message-
> From: IBM Mainframe Discussion List [mailto:IBM-MAIN@LISTSER
This works for me:
ldapsearch -h mvs7 -D racfid=jojo123,profiletype=user,cn=RACFSY7 -w
oldpwd/newpwd -s base -b "" objectclass=*
--
Donald J.
dona...@4email.net
On Tue, Oct 21, 2014, at 07:58 AM, Tim Brown wrote:
> Attempting to use ldapchangepwd. Any idea what is
The first is SDK V6.0.0 and the second is SDK V6.0.1
Each has its own levels as described here:
http://www-03.ibm.com/systems/z/os/zos/tools/java/services/j6servsum31.html
--
Donald J.
dona...@4email.net
On Tue, Aug 26, 2014, at 12:05 PM, Pommier, Rex wrote:
> Hi,
>
> I have a qu
a VPS issue.
--
Donald J.
dona...@4email.net
> >What type of setting are you referring to?
>
> Some possible settings, YMMV:
vps parameters listed
> All of the very best for you.
>
> Groete / Greetings
e parameter setting value.
It appears application level tracing would be
required to diagnose the issue.
--
Donald J.
dona...@4email.net
On Thu, Aug 21, 2014, at 02:39 AM, Elardus Engelbrecht wrote:
> Barry Merrill wrote:
>
> >There is no separate SMF record written when data i
CTTH441.SDB1.JOB07555.D032.? SYSOUT
--
Donald J.
dona...@4email.net
--
http://www.fastmail.fm - Does exactly what it says on the tin
--
For IBM-MAIN subscribe / signoff / archive access instructions,
send
Try typing the ldapsearch directly from an omvs command line.
I usually use openldap on my pc for commands.
An OMVS segment for your userid is probably a requirement.
--
Donald J.
dona...@4email.net
On Wed, Aug 6, 2014, at 12:08 PM, Tim Brown wrote:
> Thanks, I ran this, it got rc=0
n/ldapsearch -h mvs6 -p 3289 -D cn=yyy -w zzz
> -b "O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB"
> "(objectclass=*)" ;
> //
>
> --
> Donald J.
> dona...@4email.ne
Our z196 3174 consoles are defined on a TYPE=CNC escon chpid. We will
be using a zEC12
at a DR site for testing. Can the console virtual devices on our IODF
TYPE=CNC chpid be attached
to DR site VM devices on a real TYPE=FC chpid? Will our chpid/devices
vary online ok?
--
Donald J.
dona
Do you have Security Level 3 FMID (JCPT3D1) installed?
--
Donald J.
dona...@4email.net
On Thu, Jun 5, 2014, at 07:53 AM, Frank Chu wrote:
> Hello,
>
> I am trying to work out how to get the zOS 1.13 FTP client to connect to
> a FTP server (a FileZilla Server on Windows) via FT
FUNCTION )
// ELSE
//*
//SSHD EXEC PGM=BPXBATCH,REGION=0M,TIME=NOLIMIT,
// PARM='PGM /bin/sh -c /u/local/sbin/sshd.sh'
//STDERR DD SYSOUT=*
//*
// ENDIF
Job Opportunities
Create application here:
http://agency.governmentjobs.com/cpatx/default.cfm
Job #: 2W11.14
Job Title: zEnterprise Performance Analyst (REOPENED)
State Classification Title: Systems Analyst V
Salary: $64,200.00 - $82,200.00 Annually
Location: Austin, TX (LBJ)
https://certs.godaddy.com/anonymous/repository.pki
--
Donald J.
dona...@4email.net
> FC2903 authServerAttls: ioctl() failed on SIOCTTLSCTL - EDC8121I
> Connection
> reset. (errno2=0x77B17343)
> EZA2897I Authentication negotiation
> failed
> EZA1534I *** Control connection with 10.6
You need ApplicationControlled On as well as SecondaryMap On.
Issue this command to see your resultant config:
pasearch -p TCPIP > tcpip.pagent.dat
--
Donald J.
dona...@4email.net
> > TTLSEnvironmentAdvancedParms
> > {
> > SecondaryMap On
--
h
t. I would guess your linux file only
has the server cert in it, and it needs the intermediate
cert in it as well, and optionally the root cert.
--
Donald J.
dona...@4email.net
On Thu, May 8, 2014, at 07:31 AM, Mark Pace wrote:
> I assume it's complete - I don't see an obvious
-
Filezilla is not a good program to test with, as it appears to not do
server cert
authenticatation. It is better to use curl for windows or curl for
z/OS.
--
Donald J.
dona...@4email.net
On Wed, May 7, 2014, at 03:38 PM, Neubert, Kevin wrote:
> Is the chain complete? Check trust and Issue
You need to change that to DEFAULT NO.
--
Donald J.
dona...@4email.net
On Wed, May 7, 2014, at 01:01 PM, Mark Pace wrote:
> Yes, I did the digtcert refresh
> Digital ring information for user IBMUSER:
>
>Ring:
> >FtpSecur<
>Certificate Label Nam
You did do a:
SETROPTS RACLIST(DIGTCERT) REFRESH
after last changing the keyring?
What does the LISTRING show now?
Does the userid submitting the batch job have any ICH408I
errors in the log?
--
Donald J.
--
http://www.fastmail.fm - Send your email first class
The DEFAULT YES would be used for a client certificate,
not for a CERTAUTH entry.
--
Donald J.
> Digital ring information for user IBMUSER:
>
> Ring:
>>FtpSecur<
> Certificate Label Name Cert Owner
If you aren't using any client certs, it is easier to just use a
RAC virtual keyring for CERTAUTH server authentication:
KEYRING *AUTH*/*
--
Donald J.
dona...@4email.net
On Wed, May 7, 2014, at 07:38 AM, Mark Pace wrote:
> Trying to turn on some DEBUG information
> DEBUG FLO
trace to track down these problems.
Are you using AT-TLS environment for the FTPS client ?
--
Donald J.
dona...@4email.net
On Wed, May 7, 2014, at 07:38 AM, Mark Pace wrote:
> Trying to turn on some DEBUG information
> DEBUG FLO
>
> FC1003 authServer: secure_socket_init failed w
racdcert id(userid) listring(ring.name)
racdcert id(userid) connect(ring(ring.name) LABEL('GoDaddy Root Label')
CERTAUTH usage(CERTAUTH) )
--
Donald J.
On Wed, May 7, 2014, at 06:34 AM, Mark Pace wrote:
> The cipher was one of my early problems. But I figured that one
Make sure client and server have a common cipher.
SSL_AES_128_SHA and SSL_AES_256_SHA are probably more
commonly used than SSL_RC4_SHA.
Make sure the linus root certificate is in your z/OS client keyring.
--
Donald J.
--
http://www.fastmail.fm - A no graphics, no pop-ups email service
the mapping is the
1st entry in the set of hostIdMappings. A problem ticket is currently
open on that issue.
On Fri, Mar 14, 2014, at 06:30 AM, Phil Sidler wrote:
> On Wed, 12 Mar 2014 10:55:35 -0700, Donald J. wrote:
>
> >It works when the certificate is associated to a userid
I have a ticket open with the RDz client issues. IBM hasn't provided a
resolution yet. They have been
questioning the validity of my certificates, but now that they work on
CICS Web Services that issue should
not be questioned.
>
> All I can think of then is that RACF isn't finding the matchi
CLASS NAME
-
SERVAUTH IRR.HOST.MVS3.domain.removed
USER ACCESS ACCESS COUNT
-- -- -
RDZRSEDREAD00
FTPSERV2 READ00
> > But I could
> >not get HostID
SECURE_LOGIN REQUIRED
SECURE_PASSWORD OPTIONAL
SECURE_CTRLCONN PRIVATE
SECURE_DATACONN PRIVATE
SECURE_FTP REQUIRED
It works when the certificate is associated to a userid.
--
Donald J.
dona...@4email.net
On Wed, Mar 12, 2014, at 10:53 AM, Phil Sidler wrote:
> On
ation=true? I have a
ticket open with IBM, but no response in almost a week.
--
Donald J.
dona...@4email.net
On Tue, Mar 11, 2014, at 02:04 PM, Walt Farrell wrote:
> On Tue, 11 Mar 2014 05:54:24 -0700, Donald J. wrote:
>
> >I am currently using openssl to create certificates fo
I now have an openssl config which produces the same hex code as your
vbsscript for
lengths less than 128. For length above 128 openssl produces a
different length code
for the SET (x'31') which is x'318184'. Your script produces
x'31820184'. I will do some
testing with CICS Web Services and FTP
r certificate with your userid? If so, then
the HostIDMapping extension was not needed or used.
On Mon, Mar 10, 2014, at 02:38 PM, Phil Sidler wrote:
> On Mon, 10 Mar 2014 13:49:38 -0700, Donald J. wrote:
>
> >Yes, the script helps to identify some things. What appilcation was it
>
I have tried. I'm thinking maybe there
is a bug in the client.
--
Donald J.
dona...@4email.net
On Mon, Mar 10, 2014, at 11:57 AM, Phil Sidler wrote:
> On Mon, 10 Mar 2014 08:59:55 -0700, Donald J. wrote:
>
> >Could someone who is using z/OS PKI Services for z
]:30780C1C4C554845343438404D5653332E4350412E53544154452E54582E55530C1C4C554845343438406D7673332E6370612E
73746174652E74782E75730C1C6C756865343438404D5653332E4350412E53544154452E54582E55530C1C6C756865343438406D7673332E6370612E73746174652E74782E7573
--
Donald J.
dona...@4email.net
--
http://www.fastmail.fm - Email
>From each of the 25 PCOMM telnet sessions, you could logon TSO and
enter TSO TELNET MVSxyz to create another 25 sessions.
--
Donald J.
dona...@4email.net
On Wed, Jul 17, 2013, at 02:26 AM, Alex Wang wrote:
> Hey, there.
>
> I'm curious about is it possible to open about
Mine from a SuSE linux to z/OS 1.13:
real0m1.224s
user0m0.008s
sys 0m0.008s
--
Donald J.
dona...@4email.net
> >
> > From Solaris to MVS:
> >
> > 133$ time ssh user@MVS date
> > Mon Jul 8 07:43:06 MDT 2013
> >
> > re
Check x11DisplayOffset value. If should be set to something like 10 if
you want to forward directly via port 6010,
or set to 0 if you want to tunnel through your SSH port 22 connection.
My DISPLAY is set to 127.0.0.1:0 and my x11DisplayOffset is 0.
--
Donald J.
dona...@4email.net
On Wed
A writable zfs must be cleanly unmounted or there will be a 65 second
delay at IPL time for each one.
This can be avoided by mounting it on another system and then
immediately unmounting it.
See Share 2012 document "zFS Diagnosis II: Problem Determination and
File System Monitoring".
--
uhe338/xauth/output.log
--
Donald J.
dona...@4email.net
On Fri, Jun 7, 2013, at 06:17 AM, Donald J. wrote:
> You will also have to compile the xauth c program.
> I don't think IBM supplies a binary for it.
>
> --
> Donald J.
> dona...@4email.net
>
&g
You will also have to compile the xauth c program.
I don't think IBM supplies a binary for it.
--
Donald J.
dona...@4email.net
On Fri, Jun 7, 2013, at 06:07 AM, Mark Pace wrote:
> That was the problem.
> Some other issues with deprecated APIs. Maybe if I look at the sample C
&
1 - 100 of 119 matches
Mail list logo
