[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ftpapi] Problem: (GSKit) No compatible cipher suite available between SSL end points.



HTTPAPI does not have any SSL routines in it.  It simply uses the SSL support in the operating system...  so your question is for IBM, not me.  You might look at the various system values to see what ciphers the OS can configure, though.

I've run into the same issue that Brad Stone mentioned -- IBM didn't incorporate newer TLS ciphers in 7.1, they only added them to 7.2 and higher.  So if those (I don't know exactly which ones they are) are the ones you need, you will need to upgrade.


On 10/3/17 4:52 PM, James H. H. Lampert wrote:
Dear Mr. Klement, and members of the Tomcat List:

I have a series of AS/400 programs using HTTPAPI to access services hosted by a webapp running under Tomcat.

Up until now, I've only tested this configuration with Tomcat 7, running on a local Linux (CentOS) box, and the last time I tested it, it worked fine.

Today, for the first time, I tried changing the HTTPAPI calls to access essentially the same webapp, only running in Tomcat 8 on a cloud server, in order to find any places where the calls need to be updated to keep up with changes in the services.

And I didn't even get that far. Instead, the SSL handshake failed with
(GSKit) No compatible cipher suite available between SSL end points.

Now what?

I mean, I know that I need to get HTTPAPI and Tomcat speaking the same language, but where do I begin?

--
JHHL

--
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi