Hi All,

I really thought I could sort this out without help but ...

Would really appreciate any suggestions.

We are on V7R1 and fairly up to date on PTF's

I have updated system value QSSLPCL to have the following values;

I have updated to HTTPAPI V1.32

A secure gateway we use has advised they are updating their security -
they advised ...

• The SSL security certificate version will be upgraded to SHA-256 hashing
• Only Transport Layer 1.1 and 1.2 protocols to be accepted. (any previous
versions will not be accepted)
• Updates to accepted Ciphers:

I have exported the Root and intermediate certificates from the site and
loaded into DCM successfully

The debug.txt shows the error.

HTTPAPI Ver 1.32 released 2016-02-10
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R1M0

http_persist_open(): entered
http_long_ParseURL(): entered
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: MSD.local
DNS server found:
DNS server found:
Nagle's algorithm (TCP_NODELAY) disabled.
SNI hostname set to: test.securepay.com.au
(GSKit) No compatible cipher suite available between SSL end points.
ssl_error(402): (GSKit) No compatible cipher suite available between SSL
end points.
SetError() #30: SSL Handshake: (GSKit) No compatible cipher suite
available between SSL end poin

The list of cyphers does not match the knowledge centre reference for 7.1
- I have

Thank you for any assistance

Don Brown

This thread ...


Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].