0 |
Not Set |
Not Set |
Not Set |
The response indicates that the request completed
successfully. |
248 |
Not Set |
Not Set |
Not Set |
If the DCAS uses AT-TLS policies, you must do
the following configuration:- Set the TTLSEnvironmentActions statement HandshakeRole parameter to ServerWithClientAuth.
- Set the TTLSEnvironmentActions -> TTLSEnvironmentAdvancedParms statement ClientAuthType parameter to SAFCHECK
or Required.
|
249 |
Not Set |
Not Set |
Not Set |
DCAS AT-TLS handshake failed or the connection
is not secure. Check the AT-TLS configuration and DCAS log file for
details.
|
250 |
Not Set |
Not Set |
Not Set |
An internal error occurred on the DCAS server.
Request that the system operator obtain a DCAS trace. See z/OS Communications Server: IP Diagnosis Guide for instructions. |
251 |
Not Set |
Not Set |
Not Set |
PassTicket generation failed. The most likely
cause is that the application ID in the DCAS Format 1 or 2 request
does not match a valid PassTicket data profile name defined in the RACF PTKTDATA class.1 |
252 |
8 |
8 |
36 – Certificate is not valid. 40 – Certificate is not mapped to a valid user ID.
|
For a Format 1 type request, RACF has determined that the input certificate
is in error or has not been mapped to a valid RACF user ID. For return codes other than the
ones described, see z/OS Communications Server: IP Diagnosis Guide. |
253 |
10 – Format 1 request has
a certificate length that is not valid. 11 – The
request format is incorrect.
12 – The opcode that us specified in the request is not
valid.
|
Not Set |
Not Set |
The input format 1 or 2 request is incorrect.
Examine Return Code 2 for details. Verify that the input request
to DCAS matches the defined format specifications.
Verify that
DCAS is configured with a SERVERTYPE in the DCAS profile that is
consistent with the input request format.
|
254 |
8 |
8 |
36 – Certificate is not valid. 40 – Certificate is not mapped to a valid user ID.
|
DCAS failed to authenticate the client. The DCAS server has been configured with AUTHTYPE LOCAL2. This requires
that the certificate of the DCAS client (as a result of the SSL handshake)
be mapped to a defined and valid user ID in RACF. The user ID must be permitted to the
following SERVAUTH class profile: EZA.DCAS.cvtsysname. If the DCAS client receives this error, then the user
ID is not permitted to the defined SERVAUTH class profile.
For return
codes other than the ones described, see the Diagnosing problems with Express Logon information in z/OS Communications Server: IP Diagnosis Guide for diagnosing the DCAS.
|
255 |
8 |
8 |
36 – Certificate is not valid. 40 – Certificate is not mapped to a valid user ID.
|
DCAS failed to authenticate the client. The DCAS server has been configured with AUTHTYPE LOCAL2. This requires
that the certificate of the DCAS client (as a result of the SSL handshake)
be mapped to a defined and valid user ID in RACF. If the DCAS client receives this error,
then the certificate does not map to a valid user ID.
Tip: DCAS can call System SSL or use AT-TLS for TLS/SSL. See Customizing DCAS for TLS/SSL in z/OS Communications Server: IP Configuration
Guide. If the DCAS uses AT-TLS policies, do the
following configuration in the policy configuration file: - Set the TTLSEnvironmentActions statement HandshakeRole parameter to ServerWithClientAuth.
- Set the TTLSEnvironmentActions -> TTLSEnvironmentAdvancedParms statement ClientAuthType parameter to SAFCHECK.
|
1 The application
ID required in the DCAS Format 1 and Format 2 requests must match
the name of a valid PassTicket data profile defined in RACF using the PTKTDATA class. See z/OS Security Server RACF Security Administrator's
Guide for information about defining PTKTDATA for
applications.
|