Why are FTP connections getting EZD1286I with code 5003?

Question & Answer

Question

I am in the process of changing the FTP clients from using native SSL (TLSMECHANISM FTP) to using AT-TLS policies (TLSMECHANISM ATTLS). Attempts to connect to the server fail, and the following message is being logged:

TTLS[19]: 13:23:59 TCPIP EZD1286I TTLS Error GRPID: 00000002 ENVID: 00000001 CONNID: 0000001D LOCAL: 10.9.8.7..1025 REMOTE: 10.11.12.13..21 JOBNAME: FTPUSERA USERID: FTPUSER RULE: FTPrule RC: 5003 Data Decryption

Answer

RC 5003 will occur when the AT-TLS process is expecting an SSL message (in this case, the Server Hello) but receives a clear-text message. The FTPS protocol exchanges clear text messages between the server and the client before starting the SSL handshake. Because of this, the AT-TLS policies for FTP (both server and client related) must specify ApplicationControlled On in the TTLSConnectionAdvancedParms statement. Letting this option default to Off will cause this failure.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSSN3L","label":"z\/OS Communications Server"},"Platform":[{"code":"PF035","label":"z\/OS"}],"Component":"","Version":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]

Product Synonym

ZOSCS COMMSERVER

Was this topic helpful?

Document Information

Modified date:
02 April 2018

UID

dwa1424870

Tips