Page 1 of 1

SSL error using x3270 <SOLVED>

Posted: Sat Feb 20, 2021 12:00 pm
by Tony229
Hi All
Let me start by stating that I'm a complete newbie so please excuse my ignorance.
I'm getting a "TLS: SSL_connect failed-1: reason(0)" error when using x3270 to connect to a host that only support TLSv1.0.
I'm using x3270 v4.0 running on Linux Miny 20 Cinnamon, Cinnamon version 4.6.7, Linux Kernel 5.4.0-64-generic.
I've run a wireshark trace and it looks like it's a protocol version issue so I'm assuming it's the TLS version.
I've tried updating my openssl.cnf file to allow TLSv1.0. (and rebooting)
I've tried prepending the host name with L:Y: when making the x3270 connection
All to no avail, I'm still getting the same error.
I've attached a copy of my openssl.cnf file, a copy of the wireshark conversation, and a copy of the x3270 trace.
Any assistance or suggestions would be appreciated.


After all this I managed to resolve the problem with this link from stackoverflow. ... -available

As a newbie I was initially caught out as I had read earlier that the first section in the openssl.cnf file is the default section and spans until the first named section.
I took this to mean that I didn't need to specify "openssl_conf = default_conf" if I included the other settings at the top.
This is where I went wrong. My problem was solved once I specified "openssl_conf = default_conf" at the top and create a "[default_conf]" section at the bottom along with the ssl_conf sections.
I've attached my customized openssl_cust.cnf file for reference.