× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.


  1.  Home
  2. MIDRANGE-L
  3. September 2015

Re: IBM ADMIN Instance Error

It's a normal error, if you google it you will find tons of references. The
admin instance (of whose IBM i machine you have forgotten to tell us the
release and PTF level) is backleveled enough that it's still using
deprecated SSL cyphers. You might have heard of all the recent SSL/bash/etc
vulnerabilities. One of the browsers ways to force servers to upgrade was
to deprecate the vulnerable protocols (IIRC all of SSLv3 is vulnerable and
they are using TLS now)
To make it short, you either use an older browser (like a portable version
of Firefox say 20, 30?) or you bring the IBM i partition up to date on the
HTTP, JAVA and related groups so the admin instance runs with the current
encryption.

Best Regards,

Roberto

On Wed, Sep 16, 2015 at 4:44 PM, Art Duarte <art.duarte@xxxxxxx> wrote:

Hello,

Anyone have an idea what this error means when trying to access the IBM
admin page (<host ip>:2001)

Firefox
Cannot communicate securely with peer: no common encryption algorithm(s).
(Error code: ssl_error_no_cypher_overlap)

Chrome
ERR_SSL_VERSION_OR_CIPHER_MISMATCH
A secure connection cannot be established because this site uses an
unsupported protocol.


Sometime ago I was messing with the QSSLCSL , QSSLCSLCTL,QSSLPCL
values. Here are the values:

QSSLCSL
*RSA_RC4_128_MD5
*RSA_EXPORT_RC4_40_MD5
*RSA_EXPORT_RC2_CBC_40_MD5
*RSA_RC2_CBC_128_MD5
*RSA_3DES_EDE_CBC_MD5
*RSA_DES_CBC_MD5

QSSLCSLCTL
Cipher control . . . . : *OPSYS

QSSLPCL
Protocols
*SSLV2

Not Sure if that has anything to do with error, or something else. Your
help is much appreciated.

Thank you
Art Duarte
--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: http://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxx
Before posting, please take a moment to review the archives
at http://archive.midrange.com/midrange-l.



As an Amazon Associate we earn from qualifying purchases.

This thread ...
Replies:
Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.