× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Tim,

In DCM, check your Application type: Client
Application ID: QIBM_QTMF_FTP_CLIENT

By default, a V7R1 system is *pgm, which is TLS1.0 SSL3.0 SSL2.0
You probably need to change from default to TLS1.2 etc.

Also check/change the ciphers.

Update Application Definition

Application type: Client
Application ID: QIBM_QTMF_FTP_CLIENT
Application description: IBM i TCP/IP FTP Client
Certificate Assigned: None assigned

Information that can be updated:

SSL protocols
*PGM
Define protocols supported:
TLS 1.2
TLS 1.1
TLS 1.0
SSL 3.0
SSL 2.0

SSL cipher specification options
*PGM
Define cipher specification list: Order
RSA_AES_128_CBC_SHA256 >
RSA_AES_128_CBC_SHA
RSA_AES_256_CBC_SHA256
RSA_AES_256_CBC_SHA
RSA_3DES_EDE_CBC_SHA
RSA_RC4_128_SHA
RSA_RC4_128_MD5
RSA_DES_CBC_SHA
RSA_EXPORT_RC2_CBC_40_MD5
RSA_EXPORT_RC4_40_MD5
RSA_NULL_SHA256
RSA_NULL_SHA
RSA_NULL_MD5
RSA_RC2_CBC_128_MD5
RSA_3DES_EDE_CBC_MD5
RSA_DES_CBC_MD5

Extended renegotiation critical mode processing: *PGM Enable Disable
Special indicators:

Define the CA trust list: Yes No
Certificate Revocation List (CRL) checking: Yes No

Online Certificate Status Protocol (OCSP) attributes:
OCSP URL: *PGM Disable Define URL value
URL value:
OCSP Authority Information Access (AIA) processing: *PGM Enable Disable

SSL signature algorithms
*PGM
Define signature algorithms supported: Order
RSA_SHA512
RSA_SHA384
RSA_SHA256
RSA_SHA224
RSA_SHA1
RSA_MD5

Paul


-----Original Message-----
From: MIDRANGE-L [mailto:midrange-l-bounces@xxxxxxxxxxxx] On Behalf Of Tim Bronski
Sent: Tuesday, June 30, 2015 10:46 AM
To: Midrange Systems Technical Discussion
Subject: Re: Where to find certificate info

Did they say this was with a particular PTF? I cannot connect from my
7.1 machine to an FTP server IF the server is configured to only accept
TLS1.2 or even TLS1.1. Only TLS1.0 will work.

On 6/29/2015 9:36 PM, Justin Taylor wrote:
I talked to IBM and 7.1 does support TLS 1.2.



-----Original Message-----
From: Tim Bronski [mailto:tim.bronski@xxxxxxxxx]
Sent: Monday, June 29, 2015 8:51 AM
To: Midrange Systems Technical Discussion
Subject: Re: Where to find certificate info

I might need to correct the OS version level I gave for TLS1.2 support.
I just checked my V7.2 machine and it's there but it's not on my V7.1 box.


--
Need sFTP or PGP? Download your native sFTP or OpenPGP solutions here:
www.arpeggiosoftware.com
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list To post a message email: MIDRANGE-L@xxxxxxxxxxxx To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx Before posting, please take a moment to review the archives at http://archive.midrange.com/midrange-l.


As an Amazon Associate we earn from qualifying purchases.

This thread ...

Follow-Ups:
Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.