After further investigation I think the incompatibility of cyphers on each
end is not possible to be solved without upgrade to 7.2 / 7.3
Would anybody be able to confirm this or any alternative.
Thank you again
From: Don Brown <DBrown@xxxxxxxxxx>
To: "Midrange Systems Technical Discussion" <midrange-l@xxxxxxxxxxxx>
Date: 18/08/2016 03:52 PM
Subject: (GSKit) No compatible cipher suite available between SSL
Sent by: "MIDRANGE-L" <midrange-l-bounces@xxxxxxxxxxxx>
I really thought I could sort this out without help but ...
Would really appreciate any suggestions.
We are on V7R1 and fairly up to date on PTF's
I have updated system value QSSLPCL to have the following values;
I have updated to HTTPAPI V1.32
A secure gateway we use has advised they are updating their security -
they advised ...
• The SSL security certificate version will be upgraded to SHA-256 hashing
• Only Transport Layer 1.1 and 1.2 protocols to be accepted. (any previous
versions will not be accepted)
• Updates to accepted Ciphers:
I have exported the Root and intermediate certificates from the site and
loaded into DCM successfully
The debug.txt shows the error.
HTTPAPI Ver 1.32 released 2016-02-10
NTLM Ver 1.4.0 released 2014-12-22
OS/400 Ver V7R1M0
DNS resolver retrans: 2
DNS resolver retry : 2
DNS resolver options: x'00000136'
DNS default domain: MSD.local
DNS server found: 10.1.1.31
DNS server found: 22.214.171.124
Nagle's algorithm (TCP_NODELAY) disabled.
SNI hostname set to: test.securepay.com.au
(GSKit) No compatible cipher suite available between SSL end points.
ssl_error(402): (GSKit) No compatible cipher suite available between SSL
SetError() #30: SSL Handshake: (GSKit) No compatible cipher suite
available between SSL end poin
The list of cyphers does not match the knowledge centre reference for 7.1
- I have
This mailing list archive is Copyright 1997-2019 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact