z/OS Cryptographic Services System SSL Programming
Previous topic | Next topic | Contents | Contact z/OS | Library | PDF


402

z/OS Cryptographic Services System SSL Programming
SC14-7495-00

402
No SSL cipher specifications.

Explanation

This error can occur if:
  • The client and server cipher specifications do not contain at least one value in common. Client and server cipher specifications might be limited depending on which System SSL FMIDs are installed. See Cipher suite definitions for more information. Server cipher specifications are dependent on the type of algorithms that are used by the server certificate (RSA, DSA, ECDSA and/or Diffie-Hellman), which might limit the options available during cipher negotiation.
  • No SSL protocols are enabled or if all of the enabled protocols have empty cipher specifications or if the TLS protocol is not enabled while executing in FIPS mode.
  • Attempting to use a certificate with its ECC private key in the ICSF PKDS and only fixed ECDH ciphers are specified.
  • Using the TLS V1.1 or higher protocol and only the 40-bit export ciphers are specified.
  • Using the TLS V1.2 or higher protocol and only 56-bit DES ciphers are specified.
  • Using the TLS V1.2 or higher protocol and none of the server cipher specifications use key algorithms that are listed in the signature algorithms pairs sent by the client.
  • An attempt was made to use a certificate with its DH secure private key in the ICSF PKDS. Only clear private keys are supported.
  • An attempt was made to use a certificate with its ECC secure private key in the ICSF PKDS. Only clear private keys are supported.
  • Using Suite B mode and no required Suite B ciphers were specified.

User response

Ensure that the client and the server have at least one cipher specification in common.

Parent topic: SSL function return codes

Go to the previous page Go to the next page

Notices | Terms of use | Support | Contact z/OS | zFavorites



Copyright IBM Corporation 1990, 2014