It is definitely TLS and not ATTLS. GSKSRVR trace is your friend.
Biggest issues that i have had -Self signed certs are not allowed courtesy of TLS 1.0 -RFC level is very important!!! -Firewalls and extended pasv are not supported by many clients Rob On May 7, 2014 11:51 AM, "Mark Pace" <[email protected]> wrote: > Crap - I've gotten myself so confused. > That was a client certificate I put in many years ago when we did SSL on > our TN3270 connections. I think I still need to add the Go Daddy root > certificate, which what I thought that one was. How I hate this stuff. > > > On Wed, May 7, 2014 at 11:43 AM, Donald J. <[email protected]> wrote: > > > The DEFAULT YES would be used for a client certificate, > > not for a CERTAUTH entry. > > > > -- > > Donald J. > > > > > Digital ring information for user IBMUSER: > > > > > > Ring: > > > >FtpSecur< > > > Certificate Label Name Cert Owner USAGE DEFAULT > > > -------------------------------- ------------ -------- ------- > > > GeoTrust Global CA CERTAUTH CERTAUTH NO > > > * Go Daddy Class 2 CERTAUTH CERTAUTH YES* > > > > > > > -- > > http://www.fastmail.fm - mmm... Fastmail... > > > > ---------------------------------------------------------------------- > > For IBM-MAIN subscribe / signoff / archive access instructions, > > send email to [email protected] with the message: INFO IBM-MAIN > > > > > > -- > The postings on this site are my own and don’t necessarily represent > Mainline’s positions or opinions > > Mark D Pace > Senior Systems Engineer > Mainline Information Systems > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
