[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SHA-256 certificates and TLS 1.0 for HTTPS
I am in the process of testing V5R4 and SHA256 / TLS 1.2
Unfortunately (for you) I am now on a long vacation and won't pick up
the project again until September.
My understanding is that V5R4 will support TLS 1.1 / 1.2 with SHA256
and I intend hopefully to make that work.
Regards
Ian Patterson
On 16/07/2015 15:57, Robert Romano wrote:
Hello,
I was hoping to re-open the discussion on "v5r4 SHA-256 certificates
and TLS 1.0 for HTTPS" from earlier this year. I have a similar issue
where I am stuck on V5R4 of the operating system (long story) and until
recently was able to use HTTPAPI with a partner using a SHA 1
certificate. They have moved to a SHA2 cert and I now receive an error
message "SSL Handshake: (GSKit) Certificate was rejected by the
application supplied exit".
I see the assertion from a March 12, 2015 post that SHA2 requires
TLS1.1 or TLS1.2 which are not available for V5R4, but I also see many
references on IBM's web site that say the V5R4 does support SHA-256. I
created a new *SYSTEM cert in the certificate store with a size of 256
and made it the default but get the same error. Is supporting SHA2
possible on V5R4 and, if so, does anyone have any advice on what I need
to do?
Thanks for any help.
Bob
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
[1]http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
References
1. http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------