× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



This hit us about a month ago now. Clients using V6 of client access or older couldn't connect anymore. Upgrading to V7 fixed them. Still no plans for rolling out iAccess to everybody. Only myself and some other power users are on it so far :(

On Thu, 2020-07-30 at 16:12 -0300, Roberto José Etcheverry Romero wrote:

I understand. What I meant is that a PTF enabling TLSv1.3 shouldn't

interfere with anything. They should gracefully negotiate down to what they

do handle. As always not everything works as expected...

In any case it is good to know of these problems so as to avoid them (I do

have a customer that just enabled TLSv1.2 and I mentioned that as soons he

installs the latest PTF he could enable 1.3 as well, so I will warn them to

test before keeping 1.3 enabled).

Thanks


On Thu, Jul 30, 2020 at 2:32 PM Steinmetz, Paul <

<mailto:PSteinmetz@xxxxxxxxxx>

PSteinmetz@xxxxxxxxxx



wrote:


Roberto,




The fix is removing TLSv1.3 as the default, TLSv1.2 will now be the

default. Some hardware/software in the equation is not handling TLSv1.3.


This worked for us.




Paul




*From:* Roberto José Etcheverry Romero <

<mailto:yggdrasil.raiker@xxxxxxxxx>

yggdrasil.raiker@xxxxxxxxx



*Sent:* Thursday, July 30, 2020 12:11 PM

*To:* Midrange Systems Technical Discussion <

<mailto:midrange-l@xxxxxxxxxxxxxxxxxx>

midrange-l@xxxxxxxxxxxxxxxxxx



*Cc:* Steinmetz, Paul <

<mailto:PSteinmetz@xxxxxxxxxx>

PSteinmetz@xxxxxxxxxx



*Subject:* Re: 5250 SSL issue after latest PTF



------------------------------


CAUTION: This email originated from outside of the PENCOR network. Do not

click on any links or open attachments unless the sender is known, and the

content is verified as safe.

------------------------------


Paul,




If the fix is only adding protocols and ciphers, why would it be a

problem? AFAIK most if not all programs do a handshake and compare

compatible protocols/ciphers until they figure out what to use.




Roberto




On Thu, Jul 30, 2020 at 12:54 PM Steinmetz, Paul via MIDRANGE-L <

<mailto:midrange-l@xxxxxxxxxxxxxxxxxx>

midrange-l@xxxxxxxxxxxxxxxxxx

wrote:


I had other SSL issues related to latest PTFs.


TLSv1.3 enabled by default with latest PTFs.

Disable TLSv1.3


QSSLCSLCTL will be changed from *OPSYS to *USRDFN


QSSLPCL will be changed from *OPSYS to


:*TLSV1.2

*TLSV1.1

*TLSV1


TLSV1.3 ciphers also have to be removed from QSSLCSL

*AES_128_GCM_SHA256

*AES_256_GCM_SHA384

*CHACHA20_POLY1305_SHA256

*ECDHE_ECDSA_CHACHA20_POLY1305_SHA256

*ECDHE_RSA_CHACHA20_POLY1305_SHA256


Paul


-----Original Message-----

From: MIDRANGE-L <

<mailto:midrange-l-bounces@xxxxxxxxxxxxxxxxxx>

midrange-l-bounces@xxxxxxxxxxxxxxxxxx

On Behalf Of

kannan r

Sent: Thursday, July 30, 2020 11:48 AM

To:

<mailto:midrange-l@xxxxxxxxxxxxxxxxxx>

midrange-l@xxxxxxxxxxxxxxxxxx


Subject: 5250 SSL issue after latest PTF


________________________________

CAUTION: This email originated from outside of the PENCOR network. Do not

click on any links or open attachments unless the sender is known, and the

content is verified as safe.

________________________________


Hi,


IBM I Access 5250 is not working after the latest PTF. Its throwing SSL

error "CWBCO1034 - SSL error, function returned 25202" when connecting via

port 992.

Normal port 23 is working fine. And via 992 port in ACS is working fine.


Any suggestions.


Thanks,

Kannan.

--

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing

list To post a message email:

<mailto:MIDRANGE-L@xxxxxxxxxxxxxxxxxx>

MIDRANGE-L@xxxxxxxxxxxxxxxxxx

To subscribe,

unsubscribe, or change list options,

visit:

<https://lists.midrange.com/mailman/listinfo/midrange-l>

https://lists.midrange.com/mailman/listinfo/midrange-l


or email:

<mailto:MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx>

MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx


Before posting, please take a moment to review the archives at

<https://archive.midrange.com/midrange-l>

https://archive.midrange.com/midrange-l

.


Please contact

<mailto:support@xxxxxxxxxxxxxxxxxxxx>

support@xxxxxxxxxxxxxxxxxxxx

for any subscription related

questions.


Help support midrange.com by shopping at amazon.com with our affiliate

link:

<https://amazon.midrange.com>

https://amazon.midrange.com


--

This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list

To post a message email:

<mailto:MIDRANGE-L@xxxxxxxxxxxxxxxxxx>

MIDRANGE-L@xxxxxxxxxxxxxxxxxx


To subscribe, unsubscribe, or change list options,

visit:

<https://lists.midrange.com/mailman/listinfo/midrange-l>

https://lists.midrange.com/mailman/listinfo/midrange-l


or email:

<mailto:MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx>

MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx


Before posting, please take a moment to review the archives

at

<https://archive.midrange.com/midrange-l>

https://archive.midrange.com/midrange-l

.


Please contact

<mailto:support@xxxxxxxxxxxxxxxxxxxx>

support@xxxxxxxxxxxxxxxxxxxx

for any subscription related

questions.


Help support midrange.com by shopping at amazon.com with our affiliate

link:

<https://amazon.midrange.com>

https://amazon.midrange.com






[https://www.medtronsoftware.com/img/MedtronMinilogo.bmp] Kevin Bucknum
Senior Programmer Analyst
MEDDATA / MEDTRON
120 Innwood Drive
Covington LA 70433
Local: 985-893-2550
Toll Free: 877-893-2550
https://www.medtronsoftware.com



CONFIDENTIALITY NOTICE

This document and any accompanying this email transmission contain confidential information, belonging to the sender that is legally privileged. This information is intended only for the use of the individual or entity named above. The authorized recipient of this information is prohibited from disclosing this information to any other party and is required to destroy the information after its stated need has been fulfilled. If you are not the intended recipient, or the employee of agent responsible to deliver it to the intended recipient, you are hereby notified that any disclosure, copying, distribution or action taken in reliance on the contents of these documents is STRICTLY PROHIBITED. If you have received this email in error, please notify the sender immediately to arrange for return or destruction of these documents.

As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2024 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.