Oh. It does say: "If TLS V1.3 is negotiated for a secure connection, certificate validation is done according to RFC 5280 unless explicitly specified." but also still says "The default value is ANY."
That seems a tad bit unclear, should be more like: " The default value is ANY, unless TLS V1.3 is negotiated for a secure connection, in which case certificate validation is done according to RFC 5280 unless explicitly specified." In the meantime, I've verified that adding the environment variable fixes it, so I'm good! Thanks again to all. This all harkens back to two long-departed cow-orkers, who said: Hansen's Law: It's always a certificate problem. Weald's Corollary: Even when it's not a certificate problem, it's a certificate problem. ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
