DB2 SSL port

Par Pour

DB2 SSL port

Hello everyone!

At our workshop, we are trying to set up DB2 SSL port. We have closely followed the steps in the corresponding document (in two test systems just to make sure we have done everything right). Yet when we try to connect using IBM DATA STUDIO or even through another DB2 subsystem (installed in another system that can ping the server system), we get BPXF024I and EZD282I messages leading to a connection close on the server. Also on the client, we receive SQL4499N on IDS and 00D31205 on the DB2 requester system. 

Does anyone have any idea what the problem might be?

Thank you very much

Best regards,

Par

Lizette Koehler

DB2 SSL port
(in response to Par Pour)
It will help if you can post the complete text of the messages

What version of DB2 and what version of the os?

Lizette


Sent from EarthLink Mobile mail
On 12/30/17, 10:12 PM, Par Pour <[login to unmask email]> wrote:

From: Par Pour <[login to unmask email]>
To: [login to unmask email]
Subject: [DB2-L] - DB2 SSL port
Date: December 30, 2017 at 10:12:25 PM MST
Hello everyone!
At our workshop, we are trying to set up DB2 SSL port. We have closely followed the steps in the corresponding document (in two test systems just to make sure we have done everything right). Yet when we try to connect using IBM DATA STUDIO or even through another DB2 subsystem (installed in another system that can ping the server system), we get BPXF024I and EZD282I messages leading to a connection close on the server. Also on the client, we receive SQL4499N on IDS and 00D31205 on the DB2 requester system. 
Does anyone have any idea what the problem might be?
Thank you very much
Best regards,
Par


Site Links: View post online   View mailing list online   Start new thread via email   Unsubscribe from this mailing list   Manage your subscription  

This email has been sent to: [login to unmask email]
Setup a data refresh task in less time than it takes to make a cup of coffee + save up to 90% in CPU
ESAi's BCV5 & XDM fast data refresh & Test Data Mgmt products will make you a hero to users. See
http://www.ESAIGroup.com/idug


Use of this email content is governed by the terms of service at:
http://www.idug.org/p/cm/ld/fid=2

Par Pour

RE: DB2 SSL port
(in response to Lizette Koehler)

Thank you very much for your reply Lizette.

We use z/OSv1r12 and DB2v10.

Here are the error messages when I try to connect to the database using IDS ssl connection:

**************************************

BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 754
EZD1281I TTLS Map CONNID: 000003B7 LOCAL: 172.116.110.196..4445
REMOTE: 172.120.140.145..52565 JOBNAME: DSN1DIST USERID: IBMUSER TYPE:
InBound STATUS: Enabled RULE: DSN1SecureServer ACTIONS: [login to unmask email]
ct [login to unmask email] **N/A**
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 755
EZD1283I TTLS Event GRPID: 00000003 ENVID: 00000000 CONNID: 000003B7
RC: 0 Connection Init
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 756
EZD1282I TTLS Start GRPID: 00000003 ENVID: 00000007 CONNID: 00000000
Environment Create ACTIONS: [login to unmask email] [login to unmask email]
**N/A**
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 757
EZD1283I TTLS Event GRPID: 00000003 ENVID: 00000008 CONNID: 00000000
RC: 0 Environment Master Create 00000007
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 758
EZD1283I TTLS Event GRPID: 00000003 ENVID: 00000008 CONNID: 00000000
RC: 0 Environment Master Init 7ED39D78
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 759
EZD1283I TTLS Event GRPID: 00000003 ENVID: 00000007 CONNID: 00000000
RC: 0 Environment Link 7ED39D78 00000008
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 760
EZD1282I TTLS Start GRPID: 00000003 ENVID: 00000007 CONNID: 000003B7
Initial Handshake ACTIONS: [login to unmask email] [login to unmask email]
**N/A** HS-Server
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 761
EZD1283I TTLS Event GRPID: 00000003 ENVID: 00000007 CONNID: 000003B7
RC: 0 Initial Handshake 7EBD6418 7ED39D78 TLSV1.1 33
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 762
EZD1283I TTLS Event GRPID: 00000003 ENVID: 00000007 CONNID: 000003B7
RC: 0 Receive FIN 00000035
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 763
EZD1283I TTLS Event GRPID: 00000003 ENVID: 00000007 CONNID: 000003B7
RC: 0 Receive Reset
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 764
EZD1282I TTLS Start GRPID: 00000003 ENVID: 00000007 CONNID: 000003B7
Connection Close ACTIONS: [login to unmask email] [login to unmask email]
**N/A**
BPXF024I (IBMUSER) Dec 31 06:04:09 TTLS 50331676 : 09:34:18 TCPIP 765
EZD1283I TTLS Event GRPID: 00000003 ENVID: 00000007 CONNID: 000003B7
RC: 0 Connection Close 7EBD6418 7ED39D78

***************************************

As can be seen, it proceeds to the Initial Handshake but then for some reason it receives a Connection Reset and then the connection is closed. We have no idea why the requester/client sends the reset flag...

Marcel Harleman

Betr: DB2 SSL port
(in response to Par Pour)

Hi,

did you also look up the message in the policy agent logfiles? What are
they?

Regards,

Marcel.





Van: Par Pour <[login to unmask email]>
Aan: [login to unmask email]
Datum: 31-12-2017 06:12
Onderwerp: [DB2-L] - DB2 SSL port



Hello everyone!


At our workshop, we are trying to set up DB2 SSL port. We have closely
followed the steps in the corresponding document (in two test systems just
to make sure we have done everything right). Yet when we try to connect
using IBM DATA STUDIO or even through another DB2 subsystem (installed in
another system that can ping the server system), we get BPXF024I and
EZD282I messages leading to a connection close on the server. Also on the
client, we receive SQL4499N on IDS and 00D31205 on the DB2 requester
system.


Does anyone have any idea what the problem might be?


Thank you very much


Best regards,


Par




Site Links: View post online View mailing list online Start new thread
via email Unsubscribe from this mailing list Manage your subscription


This email has been sent to: [login to unmask email]


Setup a data refresh task in less time than it takes to make a cup of
coffee + save up to 90% in CPU
ESAi's BCV5 & XDM fast data refresh & Test Data Mgmt products will make you
a hero to users. See
http://www.ESAIGroup.com/idug



Use of this email content is governed by the terms of service at:
http://www.idug.org/p/cm/ld/fid=2








------------------------------------------------------------------------
De Belastingdienst stelt e-mail niet open voor aanvragen, aangiften, bezwaarschriften, verzoeken, klachten, ingebrekestellingen en soortgelijke formele berichten.
Dit bericht is uitsluitend bestemd voor de geadresseerde. Het bericht kan vertrouwelijke informatie bevatten waarvoor de fiscale geheimhoudingsplicht geldt. Als u dit bericht per abuis hebt ontvangen, wordt u verzocht het te verwijderen en de afzender te informeren.

The Dutch Tax and Customs Administration does not accept filings, requests, appeals, complaints, notices of default or similar formal notices, sent by email.
This message is solely intended for the addressee. It may contain information that is confidential and legally privileged. If you are not the intended recipient please delete this message and notify the sender.
Attachments

  • graycol.gif (<1k)