AS/400 FTP error- TCP3D2C Secure connection error, return code -24
I am trying to FTP from Backup AS/400 box to our Production AS/400 box or visa versa and I get the following error when trying to transfer a file of any significant size(larger than 1Kb):
Software/Hardware used:
AS/400, AS/400 FTP
Software/Hardware used:
AS/400, AS/400 FTP
ASKED:
November 13, 2009 4:36 PM
UPDATED:
February 15, 2010 3:03 PM
Answer Wiki:
If line configuration set line speed 100M both sistem can't ftp. Must set *AUTO Lİne Speed and Dublex .
I apologize, Part of my question from above is missing... Here is the full error message that I'm getting and some more infrormation....
Message ID . . . . . . : TCP3D2C Severity . . . . . . . : 10
Message type . . . . . : Diagnostic
Date sent . . . . . . : 10/06/09 Time sent . . . . . . : 10:00:06
Message . . . . : Secure connection error, return code -24.
Cause . . . . . : Secure Sockets Layer (SSL) function SSL_Init_Application
returned code -24:
Value Description
----- -----------------------------------------------------------
-24 The validity time period of the certificate is expired.
I changed the FTP attribute on the Backup AS/400 so that Secure Socket Layer support to be started with server is Non-secure only. This doesn’t seem to have made a difference.
I can FTP to both machines from my PC, and transfer files with out a problem although it seems to crawl at a snails pace. Any ideas would be appreciated.
Thanks.
-ShawnPgmr
________________________
If a certificate is required by web processes on the iSeires and has expired, you should renew the cert as changing the FTP attribute to Non SSL may cause errors there.
Since it works from your desktop, the cert must be specific to the iSeires when it was generated.
If you're certain the cert is no longer required, login to the DCM and delete the cert or assign no apps to it.
What error do you get when you try Non SSL?
To see all answers submitted to the Answer Wiki: View Answer History.
When I FTP from our BackUp box to the Production box I get the following error in the job log on the Production box:
0 DDM conversations ended, 0 remain active.
Object changed for QTEMP in QSYS type *LIB.
Secure connection error, return code -24.
Job 991843/QTCP/QTFTP00200 submitted to job queue QSYSNOMAX in library
QSYS.
FTP operation denied by Host Application Administration.
In the FTP session on the BackUp box I get these messages:
Unable to receive data from TCP/IP.
426-Unable to send data to TCP/IP.
426 Data transfer ended.
226 ABOR subcommand received; no transfer in progress.
“FTP operation denied by Host Application Administration.”
Tjhe DCM has assigned apps to the cert installed, most likely the FTP Server and possibly the TelentServer.
You have to renew the cert with the CA (Verisign, RSA, etc.) and install new cert with the same apps currently assigned to the expired cert.
Or as noted prior, if you are certain you are no longer using the cert for SSL, login to the DCM and delete the cert or assign no apps to it. If you need assistance installing the new cert, just reply and I will list the steps to do so.
Whatis23, how do I assign no apps to the expired certificate? I’ve signed to the DCM but i can’t see where I would unassign apps to a certificate.