IBM Support

EZA2897I issued when implementing AT-TLS and testing FTP client rule

Question & Answer


Question

We are implementing AT-TLS, and have been testing a rule that is for the FTP client. As part of our implementation of AT-TLS, we removed the keyring and ciphers from the FTP client data file. The following error messages were issued:

FC0196 ftpAuth: entered
FC0231 ftpAuth: security values: mech=TLS, tlsmech=FTP, sFTP=R, sCC=C,
sDC=P
FC0278 ftpAuth: ........ cipherspecs =
FC0283 ftpAuth: no keyring
EZA2897I Authentication negotiation failed

Answer

The FC0231 message indicates 'tlsmech=FTP', which signifies that TLSMECHANISM FTP is coded, or defaults, in the FTPDATA that the FTP client is using. To inform FTP that the AT-TLS will be the mechanism to secure the connection, code TLSMECHANISM ATTLS. This will allow you to remove the KEYRING and ciphers from the FTPDATA without problems.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSSN3L","label":"z\/OS Communications Server"},"Platform":[{"code":"PF035","label":"z\/OS"}],"Component":"","Version":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]

Product Synonym

ZOSCS COMMSERVER

Document Information

Modified date:
15 April 2015

UID

dwa1184125