[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SHA-256 certificates and TLS 1.0 for HTTPS

From: Robert Romano <rromano@xxxxxxxxxx>
To: HTTPAPI and FTPAPI Projects <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: RE: SHA-256 certificates and TLS 1.0 for HTTPS
Date: Thu, 16 Jul 2015 15:54:58 +0000

Thanks, Ian. I can continue playing with it as well. I was partially just looking for some clarification on whether it is even possible or not so that I didn't waste time if it isn't. If I am able to get it to work, I will let you know. Have a great vacation.

Bob

-----Original Message-----
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx [mailto:ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx] On Behalf Of Ian Patterson
Sent: Thursday, July 16, 2015 10:36 AM
To: HTTPAPI and FTPAPI Projects
Subject: Re: SHA-256 certificates and TLS 1.0 for HTTPS

I am in the process of testing V5R4 and SHA256 / TLS 1.2

Unfortunately (for you) I am now on a long vacation and won't pick up the project again until September.
My understanding is that V5R4 will support TLS 1.1 / 1.2 with SHA256 and I intend hopefully to make that work.

Regards

Ian Patterson

On 16/07/2015 15:57, Robert Romano wrote:
>     Hello,
>
>
>     I was hoping to re-open the discussion on "v5r4 SHA-256 certificates
>     and TLS 1.0 for HTTPS" from earlier this year. I have a similar issue
>     where I am stuck on V5R4 of the operating system (long story) and until
>     recently was able to use HTTPAPI with a partner using a SHA 1
>     certificate. They have moved to a SHA2 cert and I now receive an error
>     message "SSL Handshake: (GSKit) Certificate was rejected by the
>     application supplied exit".
>
>
>     I see the assertion from a March 12, 2015 post that SHA2 requires
>     TLS1.1 or TLS1.2 which are not available for V5R4, but I also see many
>     references on IBM's web site that say the V5R4 does support SHA-256. I
>     created a new *SYSTEM cert in the certificate store with a size of 256
>     and made it the default but get the same error. Is supporting SHA2
>     possible on V5R4 and, if so, does anyone have any advice on what I need
>     to do?
>
>
>     Thanks for any help.
>
>
>     Bob
>
>
>
> ----------------------------------------------------------------------
> - This is the FTPAPI mailing list.  To unsubscribe, please go to:
> http://www.scottklement.com/mailman/listinfo/ftpapi
> ----------------------------------------------------------------------
> -

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

References:
- SHA-256 certificates and TLS 1.0 for HTTPS
  - From: Robert Romano
- Re: SHA-256 certificates and TLS 1.0 for HTTPS
  - From: Ian Patterson

Prev by Date: Re: SHA-256 certificates and TLS 1.0 for HTTPS
Next by Date: Re: httpapi error: SetError() #43: CommSSL_Read: time-out!
Previous by thread: Re: SHA-256 certificates and TLS 1.0 for HTTPS
Next by thread: Re: SHA-256 certificates and TLS 1.0 for HTTPS
Index(es):
- Date
- Thread