[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SHA-256 certificates and TLS 1.0 for HTTPS

From: Robert Romano <rromano@xxxxxxxxxx>
To: "ftpapi@xxxxxxxxxxxxxxxxxxxxxx" <ftpapi@xxxxxxxxxxxxxxxxxxxxxx>
Subject: SHA-256 certificates and TLS 1.0 for HTTPS
Date: Thu, 16 Jul 2015 14:57:23 +0000

   Hello,


   I was hoping to re-open the discussion on "v5r4 SHA-256 certificates
   and TLS 1.0 for HTTPS" from earlier this year. I have a similar issue
   where I am stuck on V5R4 of the operating system (long story) and until
   recently was able to use HTTPAPI with a partner using a SHA 1
   certificate. They have moved to a SHA2 cert and I now receive an error
   message "SSL Handshake: (GSKit) Certificate was rejected by the
   application supplied exit".


   I see the assertion from a March 12, 2015 post that SHA2 requires
   TLS1.1 or TLS1.2 which are not available for V5R4, but I also see many
   references on IBM's web site that say the V5R4 does support SHA-256. I
   created a new *SYSTEM cert in the certificate store with a size of 256
   and made it the default but get the same error. Is supporting SHA2
   possible on V5R4 and, if so, does anyone have any advice on what I need
   to do?


   Thanks for any help.


   Bob

-----------------------------------------------------------------------
This is the FTPAPI mailing list.  To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Follow-Ups:
- Re: SHA-256 certificates and TLS 1.0 for HTTPS
  - From: Ian Patterson
- Re: SHA-256 certificates and TLS 1.0 for HTTPS
  - From: Scott Klement

Prev by Date: httpapi error: SetError() #43: CommSSL_Read: time-out!
Next by Date: Re: SHA-256 certificates and TLS 1.0 for HTTPS
Previous by thread: Re: httpapi error: SetError() #43: CommSSL_Read: time-out!
Next by thread: Re: SHA-256 certificates and TLS 1.0 for HTTPS
Index(es):
- Date
- Thread