I'm sure it's worth fixing FTPS--whatever that takes--but you might find HTTPS easier to manage. I use the latter because I have to: my proxy appliance does not understand TLS syntax.
For the record, FTPS and SFTP are entirely different animals. SFTP is an open source protocol that evolved independently of FTP. FTPS is an extension of FTP with security added to it. Like I said, you may have better luck with HTTPS. . . J.O.Skip Robinson Southern California Edison Company Electric Dragon Team Paddler SHARE MVS Program Co-Manager 323-715-0595 Mobile 626-302-7535 Office [email protected] -----Original Message----- From: IBM Mainframe Discussion List [mailto:[email protected]] On Behalf Of Mark Pace Sent: Tuesday, September 13, 2016 8:08 AM To: [email protected] Subject: (External):Re: IBM FTPS connect Oh hell. I don't know what any of that means. I set it up using the directions from IBM on testing connectivity. The ftp.data file contains. So I assume it's AT-TLS. There must be something within TCPIP that I need to setup also. SECURE_MECHANISM TLS TLSRFCLEVEL CCCNONOTIFY TLSMECHANISM FTP SECURE_FTP REQUIRED SECURE_CTRLCONN CLEAR SECURE_DATACONN PRIVATE KEYRING MP81136/bexarftp EPSV4 TRUE On Tue, Sep 13, 2016 at 11:01 AM, Rob Schramm <[email protected]> wrote: > Is this implemented within FTPD or Policy Agent / AT-TLS? > > On Mon, Sep 12, 2016 at 12:28 PM Mark Pace <[email protected]> wrote: > > > I'm setting up FTPS on a 1.13 system and am a little confused by > > this sequence. It logs on okay showing a secure connect. But then > > it won't > do > > the actual download. So I'm confused if it's the certificate or not. > > > > 220 dhebpcb01 secure FTP server > > ready. > > EZA1701I >>> AUTH > > TLS > > 234 > > TLSv1 > > > > EZA2895I Authentication negotiation > > succeeded > > EZA1701I >>> PBSZ > > 0 > > 200 > > PBSZ=0 > > > > EZA1701I >>> PROT > > P > > 200 PROT command > > successful > > EZA2906I Data connection protection is private EZA1459I NAME > > (deliverycb-bld.dhe.ibm.com:MP81136): > > > > > > > > > > > B0000000 > > > > EZA1701I >>> USER > > B0000000 > > 331 Password required for > > B0000000. > > EZA1789I > > PASSWORD: > > > > > > > > > ********* > > > > EZA1701I >>> > > PASS > > 230 Virtual user B0000000 logged > > in. > > EZA1460I > > Command: > > > > > > > > > CCC > > > > > > > > > > > BINARY > > > > EZA1701I >>> > > CCC > > 200 command channel > > cleared. > > EZA2905I Control connection protection is clear EZA1460I > > Command: > > > > > > > GET "/GIMPAF.XML" "/u/MP81136/test.content/GIMPAF.XML" > > (REPLACE > > EZA1701I >>> TYPE > > I > > 200 Type set to > > I. > > EZA1460I > > Command: > > EZA1701I >>> > > EPSV > > 229 Entering Passive Mode > > (|||65045|) > > EZA1701I >>> RETR > > /GIMPAF.XML > > 150 Opening BINARY mode SSL data connection for /GIMPAF.XML. > > EZA2870I TLS security mechanism negotiation failed - data connection > > closed > > 425 ftpd: (data conn) SSL_accept unspecified error EZA1735I Std > > Return Code = 16425, Error Code = > > 00017 > > EZA1701I >>> > > QUIT > > > > -- > > The postings on this site are my own and don’t necessarily represent > > Mainline’s positions or opinions > > > > Mark D Pace > > Senior Systems Engineer > > Mainline Information Systems ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
