Home > Return Code > Eza1735i Std Return Code = 10234, Error Code = 00010

Eza1735i Std Return Code = 10234, Error Code = 00010

Contents

I'masking the list simply because BMC support has been extremely slow inresponding back to us (3+ days) and I thought I would see if anyonemight be able to point us in If you have received it in error, please notify the sender immediately and delete the original and any copy or printout. hmmm > > Well, I'll keep digging. > > Cheers > > > On Wed, Dec 23, 2009 at 09:08, Stewart Thomas J > wrote: > > If I remember Please login or register.Did you miss your activation email? 1 Hour 1 Day 1 Week 1 Month Forever Login with username, password and session length News: Home Help Search Login navigate here

Watson Product Search Search None of the above, continue with my search FTP Client fails with EZA2897I Authentication negotiation failed SSL TLS secure FTP EZA2897I Authentication negotiation failed fail Technote (troubleshooting) Logged surlypants New user Posts: 3 Re: TLS Authenication - Mainframe to Solaris « Reply #5 on: February 14, 2007, 04:05:10 pm » snippet from proftpd_tls.log:Feb 13 09:07:13 mod_tls/2.1.2[33205]: TLS/TLS-C requested, To add a key ring, Use message EZY2640I to determine the FTP.DATA file being used by the ftp client. Larry Gray Large Systems Engineering Lowe's Companies Inc. 336-658-7944 Email Firewall made the following annotations ------------------------------------------------------------------------ NOTICE --- This message is for the designated recipient only and may contain confidential, privileged check it out

Eza1735i Std Return Code = 10234, Error Code = 00010

I will tell you what the error is with the TLS handshake. This will give you debugging onthat level. EZA1456I Connect to ? DisplayLogin welcome.msg DisplayFirstChdir .message # Limit WRITE everywhere in the anonymous chroot DenyAll We're

Enabling a client trace by issuing subcommand DEBUG SEC will show message ftpAuth: no keyring before the EZA2897I message. The KEYRING statement must specify a valid key ring database. FC0904 authServer: secure_socket_open () FC0971 authServer: secure_socket_init () FC0984 authServer: secure_socket_init failed with rc = 410 (SSL message format incorrect) FC1339 endSecureConn: entered EZA2897I Authentication negotiation failed FC1371 endSecureEnv: entered CZ0609 Fc1003 Authserver Secure_socket_init Failed With Rc 410 That would create a GSK trace.Then use the gsktrace command to format the .trc file.//FTPIT EXEC PGM=FTP, // PARM=('ENVAR("GSK_TRACE=0XFFFF","GSK_TRACE_FILE=/tmp/gskadp.trc")',// '/-r TLS (TRACE EXIT') Larry GrayLarge Systems EngineeringLowe's Companies Inc.336-658-7944-----Original Message-----From: IBM

This can be done by adding DEBUG SEC to the FTP.DATA file or as a command. EZA1736I ftp.gactr.uga.edu As a guess, you might not have > their CA in your keyring.> If that does not show the cause of the problem, you can run a > GSK trace and So I ran a RACDCERT CHECKCERT (MVS.DATASET.FOR.GTE,FROM,WEB) to verify it was a good xfer to the mainframe.

edu [Download message RAW] Thanks Wai. See the IP Configuration Reference manual for information on the KEYRING statement. What does a TLSLog show? I'masking the list simply because BMC support has been extremely slow inresponding back to us (3+ days) and I thought I would see if anyonemight be able to point us in

Std Return Code = 10220, Error Code = 00017

We want to implement HSMplex(4 members).we will also implement DR in the future.We are not sure whethere we need RLS for accessing the control data sets. http://marc.info/?l=racf-l&m=126903648224620 HesabımAramaHaritalarYouTubePlayHaberlerGmailDriveTakvimGoogle+ÇeviriFotoğraflarDaha fazlasıDokümanlarBloggerKişilerHangoutsGoogle'a ait daha da fazla uygulamaOturum açınGizli alanlarGrupları veya mesajları ara Google Grupları Tartışma Forumları'nı kullanmak için lütfen tarayıcı ayarlarınızda JavaScript'i etkinleştirin ve sonra bu sayfayı yenileyin. . Eza1735i Std Return Code = 10234, Error Code = 00010 It establishes a single server# and a single anonymous login. Secure_socket_init Failed With Rc = 420 Any suggestion and comment are great appreciated!

If you have received it in error, please notify the sender immediately and delete the original and any copy or printout. http://juicecoms.com/return-code/vsam-catalog-return-code-is-8-reason-code-is-igg0cleg-42.html Most of these are standard codes, so 234 is > documented in the RFC for the AUTH TLS FTP subcommand. > > > > Tom Stewart > > Mainframe OS, Networking But, a search for ftp auth tls error codes lead > me to this IBM manual... Follow-Ups: RE: FTP Secure (TLS/SSL) to BMC Support - TLS handshake failed From: Gray, Larry - Larry A References: RE: FTP Secure (TLS/SSL) to BMC Support - TLS handshake failed From: Secure_socket_init Failed With Rc = 410 \

Logged alph castaglia Administrator Support Hero Posts: 5172 TLS Authenication - Mainframe to Solaris « Reply #1 on: November 03, 2005, 06:53:33 pm » What does your mod_tls configuration (from proftpd.conf) If you have received it in error, please notify the sender immediately and delete the original and any copy or printout. Larry GrayLarge Systems EngineeringLowe's Companies Inc.336-658-7944-----Original Message-----From: IBM Mainframe Discussion List [mailto:IBM-***@ibm-main.lstBehalf Of Steven WerthSent: Wednesday, March 21, 2007 2:42 PMTo: IBM-***@BAMA.UA.EDUSubject: Re: FTP Secure (TLS/SSL) to BMC Support - TLS his comment is here sounds like the > problem could be in the SYSFTPD DD statements... > Is something misconfigured?

cipherspecs = 0A0906030405020135 FC0263 ftpAuth: environment_open() FC0381 ftpAuth: environment_init() FC0390 ftpAuth: environment initialization complete EZA1701I >>> AUTH TLS 234 AUTH TLS successful FC0765 authServer: secure_socket_open() FC0832 authServer: secure_socket_init() FC0845 authServer: secure_socket_init Note that this ONLY works# in standalone mode, in inetd mode you should use an inetd server# that allows you to limit maximum number of processes per service# (such as xinetd).MaxInstances I think you need to > break this into mmnnn, where mm is a command code and nnn is the FTP > client reply code.

Here are the messageswe get:220 BMC FTP Server Ready EZA1701I >>> AUTH TLS 234 AUTH TLS successful EZA2897I Authentication negotiation failed EZA2898I Unable to successfully negotiate required authentication EZA1735I Std Return

Unintended recipients are prohibited from making any other use of this e-mail. Here are the messageswe get:220 BMC FTP Server Ready EZA1701I >>> AUTH TLS 234 AUTH TLS successful EZA2897I Authentication negotiation failed EZA2898I Unable to successfully negotiate required authentication EZA1735I Std Return We're just getting impatient with BMCsupport.Steve Werth> Add "DEBUG SEC" to the SYSFTPD parms. Google Grupları Tartışma Forumları'nı kullanmak için lütfen tarayıcı ayarlarınızda JavaScript'i etkinleştirin ve sonra bu sayfayı yenileyin. .

On the client? If you need to allow more than 30 concurrent connections# at once, simply increase this value. Jason Cai ----------------------------------------------------------------------For IBM-MAIN subscribe / signoff / archive access instructions,send email to ***@bama.ua.edu with the message: GET IBM-MAIN INFOSearch the archives at http://bama.ua.edu/archives/ibm-main.html 7 Replies 192 Views Switch to linear weblink Although we have taken reasonable precautions to ensure no viruses are present in this e-mail, we accept no liability for any loss or damage arising from the use of this e-mail

As a guess, you might not have their CA in your keyring.> If that does not show the cause of the problem, you can run a GSK > trace and look Unintended recipients are prohibited from making any other use of this e-mail. I'd get > Authentication successful, and the transfer would continue with no > problems. > > > > Anyway, tracking down the root cause of the failure will probably > help. Search the archives on IBMTCP-L or IBM-MAIN Dave Gibney Information Technology Services Washington State University > -----Original Message----- > From: Linux on 390 Port [mailto:[email protected]] On Behalf Of > Donald Russell

cc ! Logged Print Pages: [1] « previous next » forums.proftpd.org » OS Support » Other » TLS Authenication - Mainframe to Solaris SMF 2.0.11 | SMF © 2015, Simple Machines XHTML Unintended recipients are prohibited from making any other use of this e-mail. I will tell you what the error is with theTLS handshake.

Document information More support for: z/OS Communications Server All Software version: 1.2, 1.4, 1.5, 1.6, 1.7, 1.8, 1.9, 1.10, 1.11, 1.12, 1.13, 2.1 Operating system(s): z/OS Reference #: 1055396 Modified date: If you are not the sender's intended recipient, you are not authorized to intercept, read, print, retain, copy, forward, or disseminate this message. It assumes that you have a user/group# "nobody" and "ftp" for normal operation and anon.ServerName "ProFTPD Default Installation"#ServerType Resolving the problem The FTP client must be configured with a key ring file in FTP.DATA to negotiate a secure FTP session.

COM> Date: 2010-03-19 22:02:21 Message-ID: 201003192202.o2JHQglm019880 () malibu ! Although we have taken reasonable precautions to ensure no viruses are present in this e-mail, we accept no liability for any loss or damage arising from the use of this e-mail We're just getting impatient with BMCsupport.Steve Werth> Add "DEBUG SEC" to the SYSFTPD parms. HesabımAramaHaritalarYouTubePlayHaberlerGmailDriveTakvimGoogle+ÇeviriFotoğraflarDaha fazlasıDokümanlarBloggerKişilerHangoutsGoogle'a ait daha da fazla uygulamaOturum açınGizli alanlarGrupları veya mesajları ara Skip to site navigation (Press enter) Re: FTP/TLS from zOS problems Gibney, Dave Wed, 23 Dec 2009 10:14:33 -0800

cipherspecs = 0A0906030405020135FC0263 ftpAuth: environment_open()FC0381 ftpAuth: environment_init()FC0390 ftpAuth: environment initialization completeEZA1701I >>> AUTH TLS234 AUTH TLS successfulFC0765 authServer: secure_socket_open()FC0832 authServer: secure_socket_init()FC0845 authServer: secure_socket_init failed with rc = 410 (SSL messageformat is Diagnosing the problem The FTP client trace should be enabled with option SEC. If you have received it in error, please notify the sender immediately and delete the original and any copy or printout.