Unfortunately, I don't know when it worked last... I do know that SSL still works for IBM System i Access for Windows, so it's not something completely broken on the server.
What I do know is my server certificate was renewed "recently' (September, I think). Also, I think I may have done something with the CA certificate. Also, we require client certificates, so I made a new one of those. I've exported all that and have pem files referenced in my .tn5250rc file. I also know my openssl was upgraded in August. I also applied cumulative PTFs and major groups since the last time I had it working.
What I don't know is what changed that caused the error. Is there something in openssl or tn5250 that is conflicting? Did a PTF change something in SSL on the server?
I've tried some things with the openssl client connection, but the results don't mean much to me. Any recommendations for troubleshooting?
So this implies to me that the first error is something about not trusting the server (since not verifying presents a different error.) Does this also mean my private key has a passphrase on it? (And clearly not something I've tried with ssl_pem_pass=PASSWORD)
This email is confidential, intended only for the named recipient(s) above and may contain information that is privileged. If you have received this message in error or are not the named recipient(s), please notify the sender immediately and delete this email message from your computer as any and all unauthorized distribution or use of this message is strictly prohibited. Thank you.
This mailing list archive is Copyright 1997-2020 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact