[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: (GSKit) Peer not recognized or badly formatted message received.
Wanted to provide an update. IBM is still analyzing the SSL trace. Here
is what happened today.
1. V5R4 brought current on PTFs on this test iSeries in addition to an
IPL, but this had no impact.
2. Contacted the vendor again and ran two tests
A. Had the vendor disable the SSL requirement on their side. We ran our
transmission. It worked fine.
B. Had the vendor revert away from the new VeriSign Intermediate back to
their EquiFax cert using SSL. We ran our transmission. It worked fine.
3. Had the vendor retransmit the cert they are using to us. I verified by
effective date, expiration date & serial # that this is the exact cert we
have in our trusted CA list in DCM. The trusted CA list for our
application includes this cert and it is enabled.
4. Downloaded both the "Before May 17th, 2009" and "After May 17th, 2009"
versions of this cert (VeriSign Class 3, Non-Extended Validation,
Non-Public Key Interface, Secure Site CA, Generation 2).
5. Verified that the "After May 17th, 2009" cert matched the effective
date, expiration date & serial # of the one installed in DCM (and received
from the vendor)
6. Installed into DCM and my applications CA list the "Before May 17th,
2009" cert & disabled the "After May 17th, 2009" cert. Re-tested after
resetting HTTP services on the iSeries... and nothing.
We are still stuck and receiving the same ssl_error(410) (GSKit) Peer not
recognized or badly formatted message received.
Thanks for staying with me.
Anthony Wilson
Direct To Consumer Analyst
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------