1 Handle is not valid.

Explanation

The environment or SSL handle specified on a System SSL function call is not valid.

User response

Call the gsk_environment_open() function to create an environment handle or the gsk_secure_socket_open() function to create an SSL handle.

3 An internal error has occurred.

Explanation

The System SSL runtime library detected an internal processing error.

User response

Retry the operation. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

4 Insufficient storage is available

Explanation

The System SSL runtime library is unable to obtain storage for an internal control block.

User response

Increase the storage available to the application and then retry the failing operation.

5 Handle is in the incorrect state.

Explanation

The SSL handle is in the incorrect state for the requested operation.

User response

Correct the application to request SSL functions in the proper sequence.

6 Key label is not found.

Explanation

The requested key label is not found in the key database, PKCS #12 file, SAF key ring, or z/OS PKCS #11 token. When using a PKCS #12 file, this error can also occur when the file is being processed during the establishment of the SSL/TLS environment when a certificate is encountered where there is no friendly name PKCS #12 attribute and the certificate's subject distinguished name is empty.

User response

Specify a label that exists in the key database, PKCS #12 file, SAF key ring, or z/OS PKCS #11 token. If encountered when establishing an SSL/TLS environment using a PKCS #12 file, verify any certificate that has no subject distinguished name is assigned a PKCS #12 friendly name attribute.

Start of changeIf using RACF key rings, certificates that are marked as not trusted in the RACF database are not retrieved from the key ring. Ensure that the certificates needed to build the certificate’s trust chain are available.End of change

Start of changeIf using RACF key rings and the DIGTCERT and DIGTRING classes are RACLIST'ed, issue the SETROPTS RACLIST (DIGTCERT, DIGTRING) REFRESH command to refresh the profiles to ensure that the latest changes are available.End of change

Start of changeIf generic profiling checking was enabled for the DIGTCERT class when the certificate was created or added and its issuer's distinguished name contains any generic characters (*, & and %), a generic certificate profile was created. This generic profile processing may cause the certificate not to be read from the key ring. This certificate will need to be removed and added back after turning off generic profile checking for DIGTCERT class. The SEARCH CLASS(DIGTCERT) command can be used to determine if the certificate’s profile is generic. A (G) indicates generic.End of change

7 No certificates available.

Explanation

The key database, PKCS #12 file, SAF key ring, or z/OS PKCS #11 token does not contain any certificates, or the SSL client application does not have a certificate available when authentication is requested by the server.

User response

Check for available certificates and add the user certificate and any necessary certification authority certificates to the key database, SAF key ring, or z/OS PKCS #11 token if necessary.

If using a PKCS #12 file, ensure that the file contains the necessary certificates.

Start of changeIf using RACF key rings, certificates that are marked as not trusted in the RACF database are not retrieved from the key ring. Ensure that the certificates needed to build the certificate’s trust chain are available.End of change

If using RACF key rings and the DIGTCERT and DIGTRING classes are RACLIST'ed, issue the SETROPTS RACLIST (DIGTCERT, DIGTRING) REFRESH command to refresh the profiles to ensure that the latest changes are available. Specify a certificate for the client application to use.

Start of changeIf generic profiling checking was enabled for the DIGTCERT class when the certificate was created or added and its issuer's distinguished name contains any generic characters (*, & and %), a generic certificate profile was created. This generic profile processing may cause the certificate not to be read from the key ring. This certificate will need to be removed and added back after turning off generic profile checking for DIGTCERT class. The SEARCH CLASS(DIGTCERT) command can be used to determine if the certificate’s profile is generic. A (G) indicates generic.End of change

8 Certificate validation error.

Explanation

An error is detected while validating a certificate. This error can occur for the following reasons:
  • The root CA certificate is not found in the key database, PKCS #12 file, SAF key ring, or z/OS PKCS #11 token.
  • The certificate is not marked as a trusted certificate.
  • The certificate requires an algorithm or key size that is non-FIPS while executing in FIPS mode.
  • The certificate does not validate properly according to the specifications of RFCs 2459, 3280, 5280, or 5759. The validation mode is determined by the GSK_CERT_VALIDATION_MODE setting. RFC 5759 certificate validation is only done when GSK_SUITE_B_PROFILE is set to 128MIN or 192MIN which overrides the GSK_CERT_VALIDATION_MODE setting.
  • If TLS V1.3 is negotiated for a secure connection, certificate validation is done according to RFC 5280 unless the GSK_CERT_VALIDATION_MODE setting is explicitly specified.

User response

The following must be verified depending upon the error that is encountered:
  • Verify that the root CA certificate is in the key database, PKCS #12 file, SAF key ring, or z/OS PKCS#11 token and is marked as trusted.
  • Check all certificates in the certification chain and verify that they are trusted and are not expired.
  • If executing in FIPS mode, check that only FIPS algorithms and key sizes are used by the certificate. For more information, see System SSL and FIPS 140-2.
  • Start of changeIf using RACF key rings, certificates that are marked as not trusted in the RACF database are not retrieved from the key ring. Ensure that the certificates needed to build the certificate’s trust chain are available.End of change
  • If using RACF key rings and the DIGTCERT and DIGTRING classes are RACLIST'ed, issue the SETROPTS RACLIST (DIGTCERT, DIGTRING) REFRESH command to refresh the profiles to ensure that the latest changes are available.
  • Start of changeIf generic profiling checking was enabled for the DIGTCERT class when the certificate was created or added and its issuer's distinguished name contains any generic characters (*, & and %), a generic certificate profile was created. This generic profile processing may cause the certificate not to be read from the key ring. This certificate will need to be removed and added back after turning off generic profile checking for DIGTCERT class. The SEARCH CLASS(DIGTCERT) command can be used to determine if the certificate’s profile is generic. A (G) indicates generic.End of change
  • Verify the certificates in the peer certificate chain adhere to the RFC specifications of the certificate validation mode. The RFCs indicate the required and optional characteristics of the certificates. If GSK_SUITE_B_PROFILE is set to 128MIN or 192MIN, see Suite B cryptography support for more information.

Collect a System SSL trace that contains the error and then contact your service representative if the problem persists.

9 Cryptographic processing error.

Explanation

Start of changeAn error is detected by a cryptographic function. This error might also occur while running in FIPS mode when negotiating a secure connection in the following cases:
  • Using a non-FIPS key size.
  • Using a non-FIPS elliptic curve.
  • Using a triple DES cipher and the negotiated triple DES session key does not have three unique key parts.
End of change

User response

If the error occurred while executing in FIPS mode, check that only FIPS key sizes Start of changeor elliptic curvesEnd of change are used. If the error occurred during the establishment of a secure connection in FIPS mode using a triple DES cipher, retry the connection. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

For more information about FIPS key sizes, see System SSL and FIPS 140-2 and see Cipher suite definitions for information about supported ciphers.

10 ASN processing error.

Explanation

An error is detected while processing a certificate field. This error can also occur when a TLS client or server received a message containing a TLS extension that was not correctly formed. The TLS extension data may contain a length field that has an incorrect value.

User response

If using TLS extensions, ensure that the TLS extension data is correct for both the TLS server and client. If the error persists, collect a System SSL trace containing the error and then contact your service representative.

11 LDAP processing error.

Explanation

An error is detected while setting up the LDAP environment or retrieving an LDAP directory entry.

User response

Ensure that the LDAP server is running and that there are no network errors. Collect a System SSL trace containing the error and then contact your service representative if the error persists.

12 An unexpected error has occurred.

Explanation

An unexpected error is detected by the System SSL run time.

User response

Collect a System SSL trace containing the error and then contact your service representative.

13 Size specified for supplied structure is too small

Explanation

The value of the size field in the structure indicates that the size of the structure is insufficient.

User response

Ensure that the size field in the structure that is being used is initialized to the size of structure.

14 Required gsk_all_cipher_suites structure not supplied

Explanation

A gsk_all_cipher_suites structure required by the API was not supplied on the function call.

User response

Ensure that all parameters required by the API are specified on the function call

102 Error detected while reading certificate database

Explanation

An error is detected while reading the key database, the PKCS #12 file, or retrieving entries from the SAF key ring or z/OS PKCS #11 token.

User response

If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

103 Incorrect key database record format.

Explanation

The record format for a key database entry is not correct. This error can occur if the name of a request database is provided instead of the name of a key database.

User response

Ensure that the correct database name is used. Collect a System SSL trace containing a dump of the keyfile entry and then contact your service representative if the error persists.

106 Incorrect key database password.

Explanation

The System SSL run time is unable to decrypt a key database entry. Either the supplied database password is incorrect or the database is damaged.

User response

Ensure that the correct key database password is used. Re-create the database if the error persists.

109 No certification authority certificates.

Explanation

The key database, SAF key ring, or z/OS PKCS #11 token does not contain any valid certification authority certificates. The SSL run time needs at least one CA or self-signed certificate to perform client authentication.

User response

Add the necessary certificates to the key database, SAF key ring, or z/OS PKCS #11 token and ensure that existing certificates are valid, have not expired, and are marked as trusted certificates.

Start of changeIf using RACF key rings, certificates that are marked as not trusted in the RACF database are not retrieved from the key ring. Ensure that the certificates needed to build the certificate’s trust chain are available.End of change

If using RACF key rings and the DIGTCERT and DIGTRING classes are RACLIST'ed, issue the SETROPTS RACLIST (DIGTCERT, DIGTRING) REFRESH command to refresh the profiles to ensure that the latest changes are available.

Start of changeIf generic profiling checking was enabled for the DIGTCERT class when the certificate was created or added and its issuer's distinguished name contains any generic characters (*, & and %), a generic certificate profile was created. This generic profile processing may cause the certificate not to be read from the key ring. This certificate will need to be removed and added back after turning off generic profile checking for DIGTCERT class. The SEARCH CLASS(DIGTCERT) command can be used to determine if the certificate’s profile is generic. A (G) indicates generic.End of change

201 No key database password supplied.

Explanation

A password stash file is specified but the SSL run time is unable to read the password from the stash file.

User response

Verify that the password stash file exists and both the file and directory path are accessible to the application. Re-create the password stash file if the error persists.

202 Error detected while opening the certificate database.

Explanation

An error is detected while opening the key database, PKCS #12 file, SAF key ring, or z/OS PKCS #11 token. This error can occur if no name is supplied or the database, PKCS #12 file, key ring, or token does not exist. When using a PKCS #12 file, the file name cannot end with .kdb, .rdb or .sth.

User response

Verify that the key database, PKCS #12 file, SAF key ring, or z/OS PKCS #11 token exists and is accessible by the application. This value is case-sensitive. Ensure that the case is preserved with your request. Collect a System SSL trace containing the error and then contact your service representative if the error persists.

203 Unable to generate temporary key pair

Explanation

An error is detected while generating a temporary key pair.

User response

Collect a System SSL trace containing the error and then contact your service representative.

204 Key database password is expired.

Explanation

The key database password is expired.

User response

Use the gskkyman utility to assign a new password for the key database.

302 Connection is active.

Explanation

An SSL secure connection operation cannot be completed because of an active request for the connection.

User response

Retry the failing request when the currently active request completed.

401 Certificate is expired or is not valid yet.

Explanation

The current time is either before the certificate start time or after the certificate end time.

User response

Obtain a new certificate if the certificate is expired or wait until the certificate becomes valid if it is not valid yet.

402 No SSL cipher specifications.

Explanation

This error can occur if:
  • The client and server cipher specifications do not contain at least one value in common. Client and server cipher specifications might be limited depending on which System SSL FMIDs are installed. See Cipher suite definitions for more information. Server cipher specifications are dependent on the type of algorithms that are used by the server certificate (RSA, DSA, ECDSA, or Diffie-Hellman), which might limit the options available during cipher negotiation.
  • No SSL protocols are enabled or if all of the enabled protocols have empty cipher specifications or if the TLS protocol is not enabled while executing in FIPS mode.
  • A client supporting only SSL V2 has specified session ID cache reuse by specifying GSK_ENABLE_CLIENT_SET_PEERID set to ON or GSK_REQ_CACHED_SESSION set to ON. Session ID cache reuse is not supported with protocol SSL V2.
  • A server supporting only SSL V2 has specified session ID cache reuse through the GSK_SID_VALUE attribute.
  • Session ID cache reuse is not supported with protocol SSL V2.
  • Attempting to use a certificate with its ECC private key in the ICSF PKDS and only fixed ECDH ciphers are specified.
  • Using the TLS V1.1 or higher protocol and only the 40-bit export ciphers are specified.
  • Using TLS V1.2 and only 56-bit DES ciphers are specified.
  • Using TLS V1.2 and none of the server cipher specifications use key algorithms that are listed in the signature algorithms pairs sent by the client.
  • An attempt was made to use a certificate with its DH secure private key in the ICSF PKDS. Only clear private keys are supported.
  • An attempt was made to use a certificate with its ECC secure private key in the ICSF PKDS. Only clear private keys are supported.
  • Using Suite B mode and no required Suite B ciphers were specified.
  • Start of changeUsing protocol TLS V1.0, TLS V1.1, or TLS V1.2, any specified ephemeral elliptic curve (ECDHE) cipher suite is ignored if the client and server do not have a supported elliptic curve in common.End of change
  • The server has selected TLS V1.3, but there are no TLS V1.3 cipher specifications specified.
  • Start of changeThe remote partner indicated a handshake failure which is a generic error that is encountered during the handshake. This can occur for various reasons including that the remote partner required the extended master secret extension, but it was not specified on this connection.End of change

User response

Ensure that the client and the server have at least one cipher specification and protocol in common. Verify that specified session identifier is correct, not expired, that the cache is large enough to hold the cached session entry, and that maximum connection has not been reached.

Start of changeIf an ephemeral elliptic curve (ECDHE) cipher is expected to be used, ensure that the client and server have a supported elliptic curve or group specification in common. The client provides its list of supported elliptic curves as part of the TLS handshake. If the server does not support at least one elliptic curve supported by the client, TLS_ECDHE cipher suites cannot be used. TLS_ECDHE_ECDSA cipher suites cannot be used if the server’s certificate does not match one of the client’s supported elliptic curves. A z/OS System SSL client specifies the list of supported elliptic curves through the GSK_CLIENT_ECURVE_LIST setting. An empty client list means all elliptic curves supported can be used. The FIPS setting may further restrict what elliptic curves can be used. A z/OS System SSL server specifies the list of supported elliptic curves through the GSK_SERVER_ALLOWED_KEX_ECURVES setting. See Table 5 for supported curves or groups.End of change

403 No certificate received from partner.

Explanation

The required certificate was not received from the communication partner.

User response

Ensure that the remote application is sending the certificate. Collect a System SSL trace containing the error and then contact your service representative if the error persists.

405 Certificate format is not supported.

Explanation

The certificate received from the communication partner is not supported during the negotiated SSL or TLS protocol handshake.

User response

If an ECC certificate is received from the communication partner during a TLS V1.0, TLS V1.1, or TLS V1.2 handshake, the certificate's elliptic curve must be specified in the GSK_CLIENT_ECURVE_LIST environment variable or attribute type. Start of changeSystem SSL does not support x25519 and x448 certificates. If the communication partner’s certificate is either x25519 or x448, a different certificate must be provided.End of change

If a TLS V1.3 handshake is attempted, DSA, Diffie-Hellman, and Start of changeelliptic curve x25519 or x448End of change certificates are not allowed to be received from the communication partner. There are limitations on the key type and sizes that are allowed for TLS V1.3. See gsk_secure_socket_init()'s usage section for more information. Start of changeThe communication partner will need to provide a different certificate.End of change

If the problem persists, collect a System SSL trace that contains a dump with the unsupported certificate and then contact your service representative.

406 Error while reading or writing data.

Explanation

An I/O error was reported while the System SSL run time was reading or writing data.

User response

Ensure that there are no network errors. Collect a System SSL trace containing the error and then contact your service representative if the error persists.

407 Key label does not exist.

Explanation

The supplied label or the default key is not found in the key database or the certificate is not trusted or the certificate uses algorithms or key sizes that are not supported while executing in FIPS mode. If using a PKCS #12 file as the certificate database, the label is either the certificate's friendly name or the subject's distinguished name.

User response

Supply a valid label or define a default key in the key database or specify a label for a certificate that uses FIPS algorithms or key sizes if executing in FIPS mode. If using a PKCS #12 file, use the gskkyman command line option -dc or -dcv to display the contents of the PKCS #12 file. The friendly name or subject distinguished name values is displayed in the label field.

For more information about FIPS, see System SSL and FIPS 140-2.

Start of changeIf using RACF key rings, certificates that are marked as not trusted in the RACF database are not retrieved from the key ring. Ensure that the certificates needed to build the certificate’s trust chain are available.End of change

Start of changeIf using RACF key rings and the DIGTCERT and DIGTRING classes are RACLIST'ed, issue the SETROPTS RACLIST (DIGTCERT, DIGTRING) REFRESH command to refresh the profiles to ensure that the latest changes are available.End of change

Start of changeIf generic profiling checking was enabled for the DIGTCERT class when the certificate was created or added and its issuer's distinguished name contains any generic characters (*, & and %), a generic certificate profile was created. This generic profile processing may cause the certificate not to be read from the key ring. This certificate will need to be removed and added back after turning off generic profile checking for DIGTCERT class. The SEARCH CLASS(DIGTCERT) command can be used to determine if the certificate’s profile is generic. A (G) indicates generic.End of change

408 Key database password is not correct.

Explanation

The System SSL run time is unable to decrypt a keyfile entry. Either the supplied keyfile password is incorrect or the keyfile is damaged.

User response

Ensure that the correct keyfile password is used. Re-create the keyfile if the error persists.

410 SSL message format is incorrect.

Explanation

An incorrectly formatted SSL message is received from the communication partner.

User response

Collect a System SSL trace containing a dump of the SSL message and then contact your service representative.

411 Message authentication code is incorrect.

Explanation

The message authentication code (MAC) for a message is not correct. This indicates that the message was modified during transmission.

User response

Collect a System SSL trace containing a dump of the message and then contact your service representative if the error persists.

412 SSL protocol or certificate type is not supported.

Explanation

The SSL handshake is not successful because of an unsupported protocol or certificate type. This error can occur if there is no enabled SSL protocol shared by both the client and the server. When executing in FIPS mode, specifying the SSL V2 or SSL V3 protocol is ignored. Start of changeWhen enabled for TLS V1.3, SSL V2 and SSL V3 are not supported and are ignored.End of change

User response

Ensure that the SSL protocol you want is enabled on both the client and the server. Collect a System SSL trace containing a dump of the failing handshake and then contact your service representative if the problem persists.

413 Certificate signature is incorrect.

Explanation

The certificate signature is not correct for a certificate received from the communication partner.

User response

Ensure that a valid certificate is being sent by the communication partner. Collect a System SSL trace containing a dump of the incorrect certificate and then contact your service representative if the error persists.

414 Certificate is not valid.

Explanation

Either the local certificate or the certificate received from the peer is not valid.

User response

Ensure that a valid certificate is being sent by the communication partner. If a TLS V1.3 handshake is being attempted, the communication partner may have sent a DSA certificate, an RSA certificate with signature algorithms MD2, MD5, or SHA-224, a Brainpool certificate, or an ECC certificate with signature algorithms SHA-1 or SHA-224. These certificates are not supported with TLS V1.3. Collect a System SSL trace containing a dump of the incorrect certificate and then contact your service representative if the error persists.

415 SSL protocol violation.

Explanation

The communication partner violated the SSL protocol by sending a message out of sequence or by omitting a required field from a message.

User response

Collect a System SSL trace and then contact your service representative.

416 Permission denied.

Explanation

The System SSL run time is unable to access a file or system facility.

Start of change

User response

Ensure that the application is authorized to access the file or facility.

For key database files, ensure that the application user ID has read access to the file.

For SAF key rings, ensure that the application user ID has appropriate permission to the SAF resource in either the FACILITY or RDATALIB class.
  • The user ID must have READ access to the IRR.DIGTCERT.LISTRING resource in the FACILITY class when using a SAF key ring owned by the user ID.
  • The user ID must have UPDATE access to the IRR.DIGTCERT.LISTRING resource in the FACILITY class when using a SAF key ring owned by another user ID, or
  • The user ID must have READ access to the ringOwner.ringname.LST resource in the RDATALIB class.

For z/OS PKCS #11 tokens, ensure that the application user ID has READ access to resource USER.tokenname in the CRYPTOZ class.

If the error persists, collect a System SSL trace and then contact your service representative.

End of change

417 Self-signed certificate cannot be validated.

Explanation

A self-signed certificate cannot be validated because it is not in the key database, PKCS #12 file, SAF key ring, or z/OS PKCS #11 token.

User response

Add the self-signed certificate to the key database, PKCS #12 file, SAF key ring, or z/OS PKCS #11 token.

Start of changeIf using RACF key rings, certificates that are marked as not trusted in the RACF database are not retrieved from the key ring. Ensure that the certificates needed to build the certificate’s trust chain are available.End of change

If using RACF key rings and the DIGTCERT and DIGTRING classes are RACLIST'ed, issue the SETROPTS RACLIST (DIGTCERT, DIGTRING) REFRESH command to refresh the profiles to ensure that the latest changes are available.

Start of changeIf generic profiling checking was enabled for the DIGTCERT class when the certificate was created or added and its issuer's distinguished name contains any generic characters (*, & and %), a generic certificate profile was created. This generic profile processing may cause the certificate not to be read from the key ring. This certificate will need to be removed and added back after turning off generic profile checking for DIGTCERT class. The SEARCH CLASS(DIGTCERT) command can be used to determine if the certificate’s profile is generic. A (G) indicates generic.End of change

420 Socket closed by remote partner.

Explanation

The remote partner closed the socket. This error is also reported if the remote partner sent a close notification alert.

User response

None.

421 SSL V2 cipher is not valid.

Explanation

The SSL V2 cipher is not valid.

User response

Specify a valid cipher. See Table 1 for more information about the supported SSL V2 cipher suite definitions.

422 SSL V3 cipher is not valid.

Explanation

The SSL V3 cipher is not valid.

User response

Specify a valid cipher. See Table 2 for more information about the supported SSL V3 cipher suite definitions.

427 LDAP is not available.

Explanation

The System SSL run time is unable to access the LDAP server.

User response

Ensure that the LDAP server is running and that there are no network problems. Collect a System SSL trace and then contact your service representative if the error persists.

428 Key entry does not contain a private key.

Explanation

The key entry does not contain a private key or the private key is not usable. This error can also occur if the private key is stored in ICSF and ICSF services are not available, if using a SAF key ring that is owned by another user, if the private key size is greater than the supported configuration limit or the application is executing in FIPS mode. Certificates that are meant to represent a server or client must be connected to a SAF key ring with a USAGE value of PERSONAL and either be owned by the user ID of the application or be SITE certificates. This error can occur when using z/OS PKCS #11 tokens if the user ID of the application does not have appropriate access to the CRYPTOZ class. This error can occur when using private keys associated with user certificates in a SAF key ring that is owned by another user if the user ID of the application does not have appropriate access to the ringOwner.ringName.LST resource in the RDATALIB class.

User response

Ensure that the ICSF started task is started before the application if the private key is stored in ICSF. When using z/OS PKCS #11 tokens, ensure that the user ID has appropriate access to the CRYPTOZ class.

If executing in FIPS mode, ensure that the certificate that is being used does not have its private key stored in ICSF.

429 SSL V2 header is not valid.

Explanation

The received message does not start with a valid SSL V2 header. This error can occur if an SSL V3 client attempts to establish a secure connection with an SSL V2 server.

User response

Enable the SSL V2 protocol on the client and then retry the request.

431 Certificate is revoked.

Explanation

The certificate is revoked by the certification authority.

User response

Obtain a new certificate.

432 Session renegotiation is not allowed.

Explanation

An attempt to renegotiate the session parameters for an active connection is rejected. This code occurs if renegotiation is disabled, or if the client or server rejects the renegotiation. If using the TLS protocol, and a no renegotiation alert is sent to the peer or received from the peer, then SSL processing continues using the current session parameters. If using the TLS or the SSL V3 protocol, and a handshake failure alert is sent to the peer or received from the peer, then the SSL connection is closed.

User response

If the session parameters are expected to be successfully reset, then the connection must be closed.

433 Key exceeds allowable export size.

Explanation

The key size that is used for an export cipher suite exceeds the allowable maximum size. For RSA and DSA keys, the maximum export key size is 512 bits. If the certificate key is larger than 512 bits, the SSL run time uses a temporary 512-bit key for the connection.

User response

Collect a System SSL trace and then contact your service representative.

434 Certificate key is not compatible with cipher suite.

Explanation

The certificate key is not compatible with the negotiated cipher suite. The negotiated cipher suite is dependent on the type of algorithms used by the server certificate (RSA, DSA, or Diffie-Hellman) and those available for the client to use. This error can also occur if the client certificate uses an algorithm that is incompatible with the server certificate.

User response

Specify a certificate with the appropriate key type.

435 Certification authority is unknown.

Explanation

The key database does not contain a certificate for the certification authority.

User response

Obtain the certificate for the certification authority and add it to the key database. When using a SAF key ring, the CA certificate must be TRUSTed.

Start of changeIf using RACF key rings, certificates that are marked as not trusted in the RACF database are not retrieved from the key ring. Ensure that the certificates needed to build the certificate’s trust chain are available.End of change

If using RACF key rings and the DIGTCERT and DIGTRING classes are RACLIST'ed, issue the SETROPTS RACLIST (DIGTCERT, DIGTRING) REFRESH command to refresh the profiles to ensure that the latest changes are available.

Start of changeIf generic profiling checking was enabled for the DIGTCERT class when the certificate was created or added and its issuer's distinguished name contains any generic characters (*, & and %), a generic certificate profile was created. This generic profile processing may cause the certificate not to be read from the key ring. This certificate will need to be removed and added back after turning off generic profile checking for DIGTCERT class. The SEARCH CLASS(DIGTCERT) command can be used to determine if the certificate’s profile is generic. A (G) indicates generic.End of change

436 Certificate revocation list cannot be found.

Explanation

The required certificate revocation list (CRL) cannot be found in the specified LDAP server when the gsk_crl_security_level is set to MEDIUM or HIGH or the CRL cannot be found in the HTTP server indicated in the CRL distribution points extension and the GSK_REVOCATION_SECURITY_LEVEL is set to MEDIUM or HIGH.

User response

If contacting an LDAP server to retrieve the CRL, verify that the CRL is present in the LDAP entry being searched and is valid. Verify that the certificate's issuer is the same as the CRL issuer. Contact the certification authority and obtain the required CRL.

If contacting an HTTP server to retrieve the CRL, verify that the CRL is present on the HTTP server. Contact the HTTP server administrator to verify that the CRL is present on the server. If there are crlIssuers present in the CRL distribution point extension, verify that there is at least one match between those and the CRL issuer. If a match cannot be found in the crlIssuers in the CRL distribution point extension or there are no crlIssuers present, verify that the certificate's issuer is the same as the CRL issuer. The HTTP server administrator may need to contact the certification authority to obtain the required CRL.

Collect a System SSL trace containing the error and then contact your service representative if the problem persists.

437 Connection closed.

Explanation

For gsk_secure_socket_read(), a close notification is received from the peer application. For gsk_secure_socket_write(), a close notification is sent to the peer application. A close notification is sent when the gsk_secure_socket_shutdown() routine is called or when a close notification is received from the peer application. Additional data may not be sent by the application after the close notification is sent to the peer application.

User response

None

438 Internal error reported by remote partner.

Explanation

The peer application detected an internal error while performing an SSL operation and sent an alert to close the secure connection.

User response

Check the error log for the remote application to determine the nature of the processing error.

439 Unknown alert received from remote partner.

Explanation

The peer application sent an alert message that is not recognized by the System SSL run time.

User response

Collect a System SSL trace and then contact your service representative.

440 Incorrect key usage.

Explanation

The key usage certificate extension does not permit the requested key operation. This error can occur if the key usage extension of a client or server certificate (if any) does not allow the appropriate key usage.
  • RSA server certificates using 40-bit export ciphers with a public key size greater than 512 bits must allow digital signature.
  • Diffie-Hellman server certificates using fixed Diffie-Hellman key exchange must allow key agreement.
  • Other RSA server certificates must allow key encipherment.
  • DSA server certificates using ephemeral Diffie-Hellman key exchange must allow digital signature.
  • Client certificates using fixed Diffie-Hellman key exchange must allow key agreement.
  • ECC client and server certificates using fixed EC Diffie-Hellman (ECDH) key exchange must allow key agreement.
  • Otherwise, client certificates must allow digital signature.

User response

Specify a certificate with the appropriate key usage.

If the gskkyman utility was used to create either the client (user) or server end-entity certificate, ensure that the appropriate option was selected from the Certificate Usage menu to create a client (user) or server certificate. The Certificate Usage menu consists of options for creating certificate authority and client (user) / server end-entity certificates.

441 Client certificate not received during TLS handshake

Explanation

The server requires the client to send its certificate during the TLS handshake, but a certificate was not received.

User response

Verify that the client has access to a valid certificate that can be sent to the server.

442 Multiple certificates exist for label.

Explanation

Access of certificate/key from label could not be resolved because multiple certificates/keys exist with the label.

User response

Correct certificate/key store so that label specifies a unique record.

If using a PKCS #12 file, use the gskkyman command line option -dc or -dcv to display the contents of the PKCS #12 file. The friendly name or subject distinguished name value is displayed as the label. Ensure the specified label is unique in the PKCS #12 file.

443 Multiple keys are marked as the default.

Explanation

Access of key from default status could not be resolved because multiple keys are marked as the default key.

User response

Correct the certificate/key store so that only one key is marked as the default key.

444 Error encountered generating random bytes.

Explanation

The SSL/TLS handshake encountered an error while generating random bytes.

User response

Retry the secure connection. Contact your service representative if the error persists.

445 Key database is not a FIPS mode database.

Explanation

While executing in FIPS mode, an attempt was made to open a key database that does not meet FIPS criteria.

User response

Specify a key database that meets FIPS criteria if running in FIPS mode.

446 TLS extension mismatch has been encountered.

Explanation

The TLS client received a message from the TLS server containing a TLS extension that was not requested. The TLS server must only respond to an extension that was sent by the TLS client.

User response

Ensure that the TLS server is operating correctly. If the problem persists, collect a System SSL trace and contact your service representative.

447 Required TLS extension has been rejected.

Explanation

The TLS server or client encountered a communicating partner that does not support a TLS extension that is defined as required.

User response

Ensure that the TLS extension data is correctly defined, and that both the TLS server and client support the required extension. If the problem persists collect a System SSL trace and contact your service representative.

448 Requested server name is not recognized.

Explanation

The TLS server is unable to match the server names that are supplied in a "Server Name Indication" type TLS extension, and either the TLS server or TLS client determined this scenario to be fatal.

User response

Ensure that the TLS extension data is correct for both the TLS server and client.

449 Unsupported fragment length was received.

Explanation

The TLS server received a Maximum Fragment Length TLS extension request from the TLS client that specifies an unsupported maximum fragment length. Supported maximum fragment lengths are 512 bytes, 1024 bytes, 2048 bytes, and 4096 bytes.

User response

Ensure that the TLS extension data is correct for the TLS server and the communicating partner. If the problem persists collect a System SSL trace and contact your service representative.

450 TLS extension length field is not valid.

Explanation

The TLS client or server received a message containing a TLS extension that was not correctly formed. The TLS extension data contains a length field that has an incorrect value.

User response

Ensure that the TLS extension data is correct for both the TLS server and client. If the problem persists collect a System SSL trace and contact your service representative.

451 Elliptic Curve is not supported.

Explanation

The EC domain parameters that are defined for the elliptic curve public or private key are not supported.

User response

Ensure the elliptic curve public/private key pair uses a supported elliptic curve. See Using cryptographic features with System SSL for the list of elliptic curves that are supported by System SSL.

452 EC Parameters not supplied

Explanation

A gsk_buffer structure containing the EC domain parameters was not supplied on the call.

User response

Supply a gsk_buffer structure containing the EC domain parameters on the function call.

453 Signature not supplied

Explanation

A gsk_buffer structure containing the signature was not supplied on the call.

User response

Supply a gsk_buffer structure containing the signature on the function call.

454 Elliptic Curve parameters are not valid

Explanation

The EC domain parameters that are defined for the elliptic curve public or private key are not valid. Either no parameters could be found or the parameters could not be successfully decoded.

User response

Ensure the elliptic curve public/private key pair uses a valid elliptic curve.

455 ICSF services are not available

Explanation

A cryptographic process cannot be completed because of ICSF callable services being unavailable. This error might also occur when attempting to use a cipher suite that uses ICSF to perform a United States only encryption algorithm (such as AES-GCM) when ICSF is only able to use US export restricted encryption algorithms.

User response

Ensure that ICSF is running and operating correctly. If ICSF is running correctly, ensure that ICSF is able to use United States only encryption algorithms.

456 ICSF callable service returned an error

Explanation

An ICSF callable service that is employed to facilitate a cryptographic process returned an error condition. This error can occur if the user ID of the application does not have appropriate access to the RACF CSFSERV class resource profiles.

User response

Ensure that ICSF is operating correctly and that the user ID of the application has appropriate access to the RACF CSFSERV class resource profiles. See Table 1 or Table 2 for information about resource profiles. Collect a System SSL trace and verify the ICSF return code and reason code relating to the error. See z/OS Cryptographic Services ICSF Application Programmer's Guide for more information about ICSF return and reason codes. If the problem persists contact your service representative.

457 ICSF PKCS #11 not operating in FIPS mode

Explanation

While running in FIPS mode, an attempt was made to use ICSF PKCS #11 services, which were not operating in FIPS mode.

User response

Ensure that ICSF is configured to run in FIPS mode.

458 The SSL V3 expanded cipher is not valid

Explanation

The SSL V3 4-character cipher is not valid.

User response

Specify a valid 4-character cipher. See Table 3 for more information about supported 4-character ciphers.

459 Elliptic Curve is not supported in FIPS mode.

Explanation

The EC domain parameters that are defined for the elliptic curve public or private key are not approved in FIPS mode.

User response

Ensure the elliptic curve for the public or private key is valid in FIPS mode. See System SSL and FIPS 140-2 for a list of elliptic curves that are supported by System SSL when running in FIPS mode.

460 Required TLS Renegotiation Indication not received

Explanation

TLS Renegotiation Indication was not received on the initial handshake with peer as required by the GSK_EXTENDED_RENEGOTIATION_INDICATOR environment variable or the gsk_attribute_set_enum enumeration ID GSK_EXTENDED_RENEGOTIATION_INDICATOR. If a server receives this code, then the GSK_EXTENDED_RENEGOTIATION_INDICATOR is set to either SERVER or BOTH and the client did not signal TLS Renegotiation Indication on the initial client hello. If a client receives this code, then the GSK_EXTENDED_RENEGOTIATION_INDICATOR is set to either CLIENT or BOTH and the server did not signal TLS Renegotiation Indication on the initial server hello.

User response

Ensure that the peer is configured to signal TLS Renegotiation Indication. If the peer does not support TLS Renegotiation Indication, and connection is required, then adjust the local setting of the environment variable GSK_EXTENDED_RENEGOTIATION_INDICATOR to “OPTIONAL” or the gsk_attribute_set_enum enumeration ID GSK_EXTENDED_RENEGOTIATION_INDICATOR to GSK_EXTENDED_RENEGOTIATION_INDICATOR_ OPTIONAL.

461 EC domain parameter format is not supported.

Explanation

The server key exchange message contains an elliptic curve parameter format or named curve specification that is not supported

User response

For ephemeral ECDH cipher suites, ensure that only the named curve EC domain parameter format is used in the server key exchange message, with a named curve that is supported by System SSL.

462 Elliptic Curve point format is not supported.

Explanation

The elliptic curve public value is specified using an EC point format that is not supported.

User response

Ensure the elliptic curve public value is specified using a supported EC point format. System SSL supports only the uncompressed EC points format.

463 Cryptographic hardware does not support service or algorithm

Explanation

A call requiring cryptographic hardware was made to ICSF. The current installation hardware does not support the service or algorithm that is being used.

User response

Ensure that the correct protocol is in use for your installation, and that the cryptographic hardware required for this service or algorithm is available to ICSF.

464 Elliptic curve list is not valid.

Explanation

Start of changeThe supported elliptic curve list is not formatted correctly or when running in FIPS mode, the removal of unsupported elliptic curves resulted in an empty list.End of change

User response

Ensure the value that is supplied for Start of changeGSK_CLIENT_ECURVE_LIST or GSK_SERVER_ALLOWED_KEX_ECURVESEnd of change contains only entries for elliptic curves that are supported by System SSL. See Table 5 for a list of supported elliptic curve definitions. Ensure that each entry uses 4 decimal digits.

If enabled for FIPS mode, elliptic curves x25519 and x448 are not supported. The specified list may also be tailored to meet the requirements of the FIPS level being utilized. For information about FIPS mode level support, see System SSL and FIPS 140-2.

465 ICSF PKCS #11 services are disabled

Explanation

An attempt was made to use ICSF PKCS #11 services, which are disabled because of an ICSF FIPS self-test failure.

User response

Stop and restart ICSF. System SSL might need restarting to regain the full hardware benefit from ICSF. Contact your service representative if the error persists.

466 Signature algorithm pairs list is not valid.

Explanation

The supported signature algorithm pairs list is not correctly formatted.

User response

Ensure the value supplied for GSK_TLS_SIG_ALG_PAIRS, GSK_TLS_CERT_SIG_ALG_PAIRS, or GSK_OCSP_RESPONSE_SIGALG_PAIRS contains only valid entries for hash and signature algorithm pairs that are supported by System SSL and that each entry is defined using four characters. See Table 6 and Table 7 for a list of valid 4-character signature algorithm pair definitions.

467 Signature algorithm not in signature algorithm pairs list.

Explanation

A signature algorithm that is used to sign a local or peer certificate is not included in the signature algorithm pairs list or the certificate signature algorithm pairs list. The server certificate chain must use signature algorithms included in the signature algorithm pairs or the certificate signature algorithm pairs that are presented by the client during the TLS handshake. The client certificate chain must use signature algorithms included in the signature algorithm pairs or the certificate signature algorithm pairs that are presented by the server during the TLS handshake. If remote partner specifies the signature algorithm pairs and the certificate signature algorithm pairs, the specified certificate signature algorithm pairs take precedence over the signature algorithm pairs. For TLS V1.2 handshakes, the GSK_TLS_CERT_SIG_ALG_PAIRS setting is only used on the client side to indicate the signature algorithms that the client supports in the server’s certificate chain.

User response

Ensure that the signatures of the local and peer certificates in the certificate chain use signature algorithms that are present in the signature algorithm pairs list or the certificate signature algorithm pairs list that is presented by the session partner. If the certificate chain is correct, configure the client or server or both to specify all necessary signature algorithms pairs in the GSK_TLS_SIG_ALG_PAIRS or GSK_TLS_CERT_SIG_ALG_PAIRS settings to allow use of the certificate chain. If GSK_TLS_CERT_SIG_ALG_PAIRS is specified, it takes precedence while checking the signature algorithms used in the certificate chain. See Table 6 and Table 7 for a list of valid 4-character signature algorithm pair definitions.

468 Certificate key algorithm not in signature algorithm pairs list.

Explanation

The certificate key algorithm of the local certificate cannot be used to generate digital signatures as it is not included in the signature algorithm pairs list. The server certificate must use a key algorithm included in the signature algorithm pairs list that is presented by the client during the TLS handshake and the server's supported signature algorithm pairs list. The client certificate must use a key algorithm included in the signature algorithm pairs list that is presented by the server during the TLS handshake and the client's supported signature algorithm pairs list.

User response

Ensure that the key algorithm of the certificate is present in the signature algorithm pairs list that is presented by the session partner. If the certificate is correct, configure the client or server or both to specify all necessary signature algorithm pairs in the environment variable GSK_TLS_SIG_ALG_PAIRS that allows the use of the certificate's key for generating digital signatures. See Table 7 for a list of valid 4-character signature algorithm pair definitions.

469 Incorrect key attribute.

Explanation

One or more PKCS #11 attributes or parameters for a key are missing or incorrect for a requested function that is being performed. For example, a signing operation requires that for the key that is being used, the PKCS #11 sign attribute is to be TRUE. Verify that the correct key is being used for the requested function, and that all required attributes are set for that key. If you are using gsk_make_enveloped_private_key_msg(), ensure that a recipient certificate's RSA public key is valid.

User response

Verify that a certificate's PKCS #11 key attributes are correct for the function that is being performed.

470 Certificate does not meet Suite B requirements.

Explanation

The certificate in use does not meet the requirements for the Suite B profile that is selected for the environment.

User response

Ensure that the certificate used for the connection satisfies the requirements for the chosen Suite B profile. See Suite B cryptography support for more information about Suite B certificate requirements.

471 Secure private key cannot be used with a fixed ECDH key exchange.

Explanation

A handshake attempted to perform an ECDH key exchange. The certificate's private key is a label that is pointing to a secure key. This is not a supported operation.

User response

Choose a certificate that does not have a secure private key or a cipher that does not perform an ECDH key exchange.

472 Clear key support not available due to ICSF key policy.

Explanation

Unable to generate clear keys or PKCS #11 objects because of the caller's RACF access to CRYPTOZ class resource CLEARKEY.SYSTOK-SESSION-ONLY does not allow the generation of non-secure (clear) PKCS #11 keys.

User response

Ensure that the user ID of the application has appropriate access to the RACF CRYPTOZ class resource CLEARKEY.SYSTOK-SESSION-ONLY.

473 OCSP responder requires a signed request

Explanation

The OCSP responder contacted for certificate validation requires that all OCSP requests be signed.

User response

Enable OCSP request signing by specifying the label of the signing certificate (GSK_OCSP_REQUEST_SIGKEYLABEL) and the signature algorithm (GSK_OCSP_REQUEST_SIGALG).

474 HTTP response is not valid

Explanation

The HTTP response received was not properly formatted or contents are not valid. The HTTP response received must be an HTTP/1.0 or HTTP/1.1 response.

User response

Ensure that the HTTP server is running, that there are no network errors, and the HTTP server sends its responses using HTTP/1.0 or HTTP/1.1 protocols. Collect a System SSL trace containing the error and then contact your service representative if the error persists.

475 OCSP response is not valid

Explanation

The OCSP ASN.1 encoded response received from the OCSP responder was not properly formatted or its contents are not valid.

User response

Ensure that the OCSP responder server is properly encoding the OCSP response, that it is running, and that there are no network errors. Collect a System SSL trace containing the error and then contact your service representative if the error persists.

476 Session ID entry does not exist

Explanation

For a client application, the session identifier or a session ticket specified by GSK_PEER_ID does not exist or has expired. If a client application has set GSK_REQ_CACHE_SESSION to ON, the required cached session entry could not be located. For a client application, the maximum number of SSL environment connections has been reached by a client application so new GSK_PEER_IDs cannot be stored in the session cache.

For a server application, the session identifier specified by GSK_SID_VALUE does not exist or has expired. If a server application has set GSK_SID_VALUE, the required cached session entry could not be located when the session is using an SSL V3 through TLS V1.2 handshake or the session ticket sent by the client does not contain the correct session identifier while attempting a TLS V1.3 handshake resumption.

User response

Verify that the specified session identifier is correct, is not expired, the cache is large enough to hold the cached session entry, and the maximum client connections has not been reached.

477 Client SID does not match server SID

Explanation

For SSL V3 through TLS V1.2 handshakes, the server failed the connection request because the session identifier provided by the client through the client hello does not match the server GSK_SID_VALUE that was specified by gsk_attribute_set_buffer().

For TLS V1.3 handshakes, the server failed the connection request for one of the following reasons:
  • The session identifier in the session ticket through the client hello does not match the server GSK_SID_VALUE that was specified by gsk_attribute_set_buffer().
  • A session ticket was not sent from the client.
  • The server is unable to decrypt the session ticket because the encryption key is not available.
  • The session ticket is expired.

User response

Verify that the specified session identifier is correct.

If attempting to resume a TLS V1.3 connection, ensure that the GSK_SESSION_TICKET_SERVER_TIMEOUT and GSK_SESSION_TICKET_SERVER_KEY_REFRESH settings are appropriate to allow for the session ticket sent from the client to be used. If the session ticket is expired or the key used to encrypt the session ticket is not available, session reuse will fail.

478 Client session cache attributes do not agree

Explanation

Client application attributes GSK_ENABLE_CLIENT_SET_PEERID, GSK_REQ_CACHED_SESSION, GSK_V3_SIDCACHE_SIZE, GSK_V3_SESSION_TIMEOUT, and GSK_SESSION_TICKET_CLIENT_ENABLE conflict.

User response

Verify that the settings for GSK_ENABLE_CLIENT_SET_PEERID, GSK_REQ_CACHED_SESSION, GSK_V3_SIDCACHE_SIZE, GSK_V3_SESSION_TIMEOUT, and GSK_SESSION_TICKET_CLIENT_ENABLE are in agreement.

Attribute conflicts may cause the application to not behave as desired and may result in handshake failures. SID cache reuse requires that the cache be defined and active.

One or more of the following conflicts may need to be corrected:
  • A client application has set GSK_ENABLE_CLIENT_SET_PEERID to OFF and GSK_REQ_CACHED_SESSION to ON.
  • A client application has set GSK_ENABLE_CLIENT_SET_PEERID to ON and attributes GSK_V3_SIDCACHE_SIZE or GSK_V3_SESSION_TIMEOUT to zero.
  • A client application has set GSK_ENABLE_CLIENT_SET_PEERID to ON and attribute GSK_SESSION_TICKET_CLIENT_ENABLE to OFF when the connection handle is enabled for TLS V1.3.

479 SID VALUE is not valid

Explanation

A user-supplied GSK_SID_VALUE was encountered that is not valid in the gsk_secure_socket_init() routine.

User response

An application should only set GSK_SID_VALUE for a new connection if cache reuse is desired. The System SSL generated value can only be retrieved from SSL using gsk_attribute_get_buffer(). The buffer that is returned belongs to an active System SSL connection and should not be modified or the storage freed by the application. If the connection that provided the GSK_SID_VALUE buffer has closed, the data pointed to by the buffer cannot be determined. An application must copy this data into the application's own storage in order to continue reusing a particular cached session prior to closing the originating connection.

480 PEER ID is not valid

Explanation

A user-supplied GSK_PEER_ID was encountered that is not valid in the gsk_secure_socket_init() routine.

User response

An application should only set GSK_PEER_ID for a new connection if cache reuse is desired. The System SSL generated value can only be retrieved from SSL using gsk_attribute_get_buffer(). The buffer that is returned belongs to an active System SSL connection and should not be modified or the storage freed by the application. If the connection that provided the GSK_PEER_ID buffer has closed, the data pointed to by the buffer cannot be determined. An application must copy this data into the application's own storage in order to continue reusing a particular cached session.

481 OCSP request failed with internal responder error

Explanation

The OCSP responder contacted for certificate validation returned an internal error.

User response

Ensure that the OCSP responder server is running and that there are no network errors. Collect a System SSL trace containing the error and then contact your service representative if the error persists.

482 OCSP response is expired

Explanation

The current time is after the OCSP response expiration time.

User response

If using the dedicated OCSP responder, ensure that the OCSP responder server is using the most recent revocation information available from the certification authority. If certificate revocation through the AIA extension is enabled, ensure that the OCSP responder servers referenced in the certificate chain are using the most recent revocation information available. Collect a System SSL trace containing the error and then contact your service representative if the error persists.

483 Error creating OCSP request

Explanation

An internal error was encountered while creating the OCSP request to send to an OCSP responder.

User response

If OCSP request signing is enabled, verify that the signing certificate resides in the SAF key ring, SSL key database, PKCS#11 token, or PKCS#12 file and the signing certificate is valid (start time is before the current time and is not yet expired) and contains a private key. The key repository is provided through the GSK_KEYRING_FILE environment variable or attribute. The OCSP signing certificate is provided through the GSK_OCSP_REQUEST_SIGKEYLABEL environment variable or attribute.

Collect a System SSL trace containing the error and then contact your service representative if the error persists.

484 Maximum response size exceeded

Explanation

When attempting to retrieve revocation information, the HTTP response exceeded the maximum configured response size for either an OCSP response or a HTTP CRL. The response size is provided through either GSK_HTTP_CDP_MAX_RESPONSE_SIZE or GSK_OCSP_MAX_RESPONSE_SIZE environment variables or attributes.

User response

Ensure that the HTTP response maximum size is adequate for the size of the CRLs or OCSP responses that are being retrieved. If necessary, increase the maximum response size until an adequate size is provided to handle the CRLs or OCSP responses that are being retrieved. If unable to determine an adequate size, collect a System SSL trace containing the error and then contact your service representative.

485 HTTP server communication error

Explanation

Unable to establish a connection to contact the HTTP server or the OCSP responder to retrieve certificate revocation information.

User response

If enabled for OCSP and a dedicated OCSP responder is enabled, ensure that the responder is running and can be accessed.

If enabled for OCSP responders identified in the certificate AIA extension, ensure that the OCSP responders specified in the extension are running and can be accessed.

If HTTP CRL support is enabled, ensure that the HTTP server specified in the CRL Distribution Point extension is running and can be accessed.

If there is a firewall in place and either an HTTP proxy server or port or an OCSP proxy server or port has been identified, ensure that the servers and ports settings are correct and the servers can be accessed. The HTTP proxy server and port are specified through the GSK_HTTP_CDP_PROXY_SERVER_NAME and GSK_HTTP_CDP_PROXY_SERVER_PORT attributes or environment variables. The OCSP proxy server and port are specified through the GSK_OCSP_PROXY_SERVER_NAME and GSK_OCSP_PROXY_SERVER_PORT attributes or environment variables.

Collect a System SSL trace containing the error and then contact your service representative if the error persists.

486 Nonce in OCSP response does not match value in OCSP request

Explanation

When validating the nonce in the OCSP response, the value did not match the value sent in the OCSP request.

User response

If OCSP is enabled for the dedicated OCSP responder (GSK_OCSP_URL), ensure that the OCSP responder server is configured to send a nonce in OCSP responses.

Ensure that nonce checking is required. If not required, set GSK_OCSP_NONCE_CHECK_ENABLE to off.

Collect a System SSL trace containing the error and then contact your service representative if the error persists.

487 OCSP response not received within configured time limit

Explanation

The time limit indicated in the value for GSK_OCSP_RESPONSE_TIMEOUT has been exceeded.

User response

Ensure that the HTTP server where the OCSP responder resides is available and able to process OCSP requests. Verify that the value for GSK_OCSP_RESPONSE_TIMEOUT is sufficient to receive a complete response from the HTTP server containing the OCSP responder.

488 Revocation information is not yet valid

Explanation

The current time is earlier than the validity period of the revocation information provided though either an OCSP response or CRL.

User response

Ensure that the system time is configured correctly. Collect a System SSL trace containing the error and then contact your service representative if the problem persists.

489 HTTP server host name is not valid

Explanation

The URI value in the AIA extension or the CDP extension is not in the correct format or cannot be resolved by the Domain Name Service (DNS). The correct URI format is http://hostname[:portNumber].

User response

If the GSK_OCSP_ENABLE parameter is enabled, verify that the certificate being verified has a URI value in the AIA extension that is properly formatted and can be resolved by the DNS. It may be necessary to obtain a new certificate or to specify the GSK_OCSP_PROXY_SERVER_NAME and GSK_OCSP_PROXY_SERVER_PORT parameters if there is a need to pass through a firewall. If the GSK_OCSP_URL or GSK_OCSP_PROXY_SERVER_NAME parameters are specified, verify that the host name and the IP address is properly formatted and can be resolved by the DNS.

If the GSK_HTTP_CDP_ENABLE parameter is enabled, verify that the certificate being verified has a URI value in the CDP extension that is properly formatted and can be resolved by the DNS. It may be necessary to obtain a new certificate or to specify the GSK_HTTP_CDP_PROXY_SERVER_NAME and GSK_HTTP_CDP_PROXY_SERVER_PORT parameters if there is a need to pass through a firewall.

490 PKCS #12 file content not valid

Explanation

When processing the PKCS #12 file, a format error was detected. This can occur if the file is not properly ASN.1 encoded, been modified if transferred, or the PKCS #12 file is not a Version 3 binary file. PKCS #12 Version 1 files and files in Base64 format are not supported.

User response

If the current file is either a PKCS #12 Version 1 file or a Base64 encoded file, it must be replaced with a PKCS #12 Version 3 file. If transferring the file, be sure to transfer the file in binary format. Correct the PKCS #12 file or obtain a new PKCS #12 file. If the problem persists, collect a System SSL Trace containing the error and then contact your service representative.

491 Required basic constraints certificate extension is missing

Explanation

During the establishment of an SSL/TLS secure connection (gsk_secure_socket_init() or gsk_secure_soc_init() API) with certificate validation processing set to mode ANY or 2459, an intermediate CA certificate was encountered outside of a trusted certificate source (for example, key database file, PKCS #12 file, SAF key ring, or PKCS #11 token), which does not have a basic constraints extension.

User response

Contact the connection partner to determine the certificates being utilized. Once the certificates are identified, either new valid Version 3 certificates can be obtained to replace the intermediate CA certificate or certificates causing the error, or if the usage of the intermediate CA certificates is deemed to be acceptable, a version of the CA certificate or certificates needs to be added to the application's trusted certificate source (for example, key database file, PKCS #12 file, SAF key ring, or PKCS #11 token).

If the error persists after adding the certificates, or if the certificates can not be readily obtained, collect a System SSL trace containing the error and then contact your service representative.

492 Maximum number of locations allowed to be contacted during certificate validation has been reached

Explanation

The number of locations allowed by either GSK_MAX_SOURCE_REV_EXT_LOC_VALUES or GSK_MAX_VALIDATION_REV_EXT_LOC_VALUES has been exceeded. The locations for revocation information are specified by the accessLocation in the AIA certificate extension for OCSP and the distributionPoint in the CDP extension for HTTP CRLs.

User response

Use the values in the certificate chain being validated to determine the proper value for GSK_MAX_SOURCE_REV_EXT_LOC_VALUES, GSK_MAX_VALIDATION_REV_EXT_LOC_VALUES, or both. The value for GSK_MAX_SOURCE_REV_EXT_LOC_VALUES must be greater than or equal to the maximum number of location values in a CDP or AIA extension used in the certificate chain being validated. The value for GSK_MAX_VALIDATION_REV_EXT_LOC_VALUES must be greater than or equal to the total number of location values in all CDP and AIA extensions used in the certificate chain being validated. Collect a System SSL trace containing the error and then contact your service representative if the problem persists.

493 HTTP response not received within configured time limit

Explanation

The time limit indicated in the value for GSK_HTTP_CDP_RESPONSE_TIMEOUT has been exceeded.

User response

Ensure that the HTTP server is available and able to process HTTP CRL requests. Verify that the value for GSK_HTTP_CDP_RESPONSE_TIMEOUT is sufficient to receive a complete response from the HTTP server

494 LDAP response not received within configured time limit

Explanation

The time limit indicated in the value for GSK_LDAP_RESPONSE_TIMEOUT has been exceeded.

User response

Ensure that the LDAP server is available and able to process LDAP CRL requests. Verify that the value for GSK_LDAP_RESPONSE_TIMEOUT is sufficient to receive a complete response from the LDAP server.

495 OCSP request failed with try later error

Explanation

The OCSP responder is unable to currently process the OCSP request.

User response

Contact the OCSP responder administrator to verify that the OCSP responder is working properly. Then retry the OCSP request at a later time.

496 OCSP response signature algorithm not in signature algorithm pairs list.

Explanation

The OCSP response was signed with an algorithm that was not specified in the OCSP response signature algorithm pairs list.

User response

Verify that the signature algorithms included in the response signature algorithm pairs list (GSK_OCSP_RESPONSE_SIGALG_PAIRS) are supported by the OCSP responder and are valid based on the certificate being validated. For example, the OCSP responder may ignore an signature algorithm of SHA-224 with RSA encryption if the certificate being validated is an ECDSA certificate. Ensure that the OCSP responder supports the OCSP preferred signature algorithms extension. The OCSP response signature algorithm pairs list may need to be updated to include the algorithm that the OCSP responder is using to sign the OCSP response. See Table 7 for a list of valid 4-character signature algorithm pair definitions. Collect a System SSL trace containing the error and then contact your service representative if the error persists.

497 OCSP request signature algorithm pair is not valid.

Explanation

The OCSP request signature algorithm pair specified in the GSK_OCSP_REQUEST_SIGALG environment variable or attribute type in gsk_attribute_set_buffer() is not valid. The valid values for the OCSP request signature algorithm pair definitions can be found in Table 7.

User response

Correct the OCSP request signing algorithm that is specified in the GSK_OCSP_REQUEST_SIGALG environment variable or attribute type in gsk_attribute_set_buffer().

498 OCSP response does not contain requested certificate status.

Explanation

The OCSP response from the OCSP responder does not contain the requested certificate status.

User response

Contact the OCSP responder administrator to verify that the OCSP responder is operating as expected. If the error persists, collect a System SSL trace containing the error and then contact your service representative.

499 OCSP response contains duplicate certificate statuses.

Explanation

The OCSP response from the OCSP responder contains duplicate certificate statuses and it is not possible to determine revocation status of the requested certificate.

User response

Contact the OCSP responder administrator to verify that the OCSP responder is operating as expected. If the error persists, collect a System SSL trace containing the error and then contact your service representative.

500 Triple DES key parts are not unique

Explanation

During the negotiation of a secure connection utilizing a triple DES cipher with unique key enforcement enabled, the generated triple DES key did not meet the requirement of each key part being unique. The three key parts are checked for uniqueness in a non-FIPS mode environment when attribute GSK_3DES_KEYCHECK has been set to GSK_3DES_KEYCHECK_ON. Triple DES key part uniqueness checking always takes place in FIPS mode.

User response

Try the connection again.

501 Buffer size is not valid.

Explanation

The socket buffer or buffer size is not valid.

User response

Specify a valid buffer and buffer size.

502 Socket request would block.

Explanation

The socket is in non-blocking mode and the socket request returned the EWOULDBLOCK error.

User response

Retry the gsk_secure_socket_read() or gsk_secure_socket_write() request when the socket is ready to send or receive data.

503 Socket read request would block.

Explanation

A socket read request that is issued as part of an SSL handshake returned the EWOULDBLOCK error.

User response

Retry the failing request when the socket is ready to receive data.

504 Socket write request would block.

Explanation

A socket write request that is issued as part of an SSL handshake return the EWOULDBLOCK error.

User response

Retry the failing request when the socket is ready to send data.

505 Record overflow.

Explanation

An SSL protocol record has a plain text record length greater than 16384 or an encrypted text record length greater than 18432.

User response

Ensure that data is not being corrupted during transmission. Obtain a System SSL trace containing a dump of the failing record and contact your service representative if the error persists.

507 Certificate version does not meet the minimum required version level

Explanation

An X.509 end-entity certificate being utilized by the peer did not meet the minimum allowed System SSL X.509 certificate version.

User response

Start of changeEnsure that the peer’s certificate version is at least equal to the minimum supported version. The minimum version value can be modified using GSK_PEER_CERT_MIN_VERSION. If a TLS V1.3 connection is being negotiated, the certificate must be version 3.End of change

508 Key size is smaller than the minimum size allowed.

Explanation

During the negotiation of a secure connection, the peer's X.509 end-entity certificate contains a RSA, DSA, DH, or ECC key that is smaller than the minimum size allowed.

User response

Ensure that the key sizes are at least equal to the minimum supported key sizes. The minimum key size value can be modified using attributes GSK_PEER_RSA_MIN_KEY_SIZE, GSK_PEER_DSA_MIN_KEY_SIZE, GSK_PEER_DH_MIN_KEY_SIZE, and GSK_PEER_ECC_MIN_KEY_SIZE.

If a TLS V1.3 connection is being negotiated:
  • The minimum key size for an RSA peer certificate is the larger of the following two values: 2048 or the value specified in the GSK_PEER_RSA_MIN_KEY_SIZE attribute.
  • The minimum key size for an ECC peer certificate is the larger of the following two values: 256 or the value specified in the GSK_PEER_ECC_MIN_KEY_SIZE attribute.

509 Key label list is not valid

Explanation

When using the environment variable GSK_SERVER_KEY_LABEL_LIST, one of the following may have occurred:
  • More than 8 key labels were specified.
  • A specified key label is greater than 127 characters. The backslash (\) characters used as an escape character for a blank space or comma in the label name are not counted as part of that 127 character maximum length.
  • List did not consist of at least one key label.

User response

Ensure that the key label list is valid.

510 No acceptable key labels found

Explanation

When using the attribute GSK_SERVER_KEYRING_LABEL_LIST, none of the certificates supported the protocol, ciphers (TLS V1.2 and earlier), or the session attributes defined for an SSL connection. Certificates that are either expired or not yet valid are ignored.

User response

Ensure that at least one of the certificates defined by attribute GSK_SERVER_KEYRING_LABEL_LIST supports the requested protocol, cipher (TLS V1.2 and earlier), and session attributes of an SSL connection. Collect a System SSL trace containing the error and contact your service representative if the error persists.

511 OCSP stapling requires OCSP support to be enabled.

Explanation

OCSP stapling on the System SSL server application requires either the GSK_OCSP_URL to be specified or the GSK_OCSP_ENABLE option to be set to ON.

User response

Ensure that GSK_OCSP_URL is specified or the GSK_OCSP_ENABLE option is set to ON when OCSP stapling on the server is enabled. Otherwise, turn off OCSP stapling by setting the GSK_SERVER_OCSP_STAPLING environment variable to OFF or by calling the gsk_attribute_set_enum() routine with the GSK_SERVER_OCSP_STAPLING attribute type set to GSK_SERVER_OCSP_STAPLING_OFF.

512 Certificate status response is not valid.

Explanation

System SSL is configured for server OCSP stapling. If the negotiated protocol is TLS V1.2 and earlier, the TLS server has sent a CERTIFICATE-STATUS response message that the TLS client does not understand. If the negotiated protocol is TLS V1.3, the TLS server has sent a Certificate Status Request extension containing the OCSP response that the TLS client does not understand. The TLS handshake is aborted.

User response

If the negotiated protocol is TLS V1.2 and earlier, the OCSP responder that System SSL has contacted may have provided an improperly formatted OCSP response that System SSL has included in the CERTIFICATE-STATUS message. Verify that the TLS client is able to handle the OCSP responses that reside in the CERTIFICATE-STATUS message.

If the negotiated protocol is TLS V1.3, the OCSP responder that System SSL has contacted may have provided an improperly formatted OCSP response that System SSL has included in the Certificate Status Request extension. Verify that the TLS client is able to handle the OCSP responses that reside within the Certificate Status Request extension in the server’s CERTIFICATE message.

If the error persists, collect a System SSL trace containing the error and then contact your service representative.

513 An inappropriate protocol fallback is detected

Explanation

The server is enabled for the Signaling Cipher Suite Value (SCSV) support by setting the GSK_SERVER_FALLBACK_SCSV attribute type on gsk_attribute_set_enum() to GSK_SERVER_FALLBACK_SCSV_ON or the GSK_SERVER_FALLBACK_SCSV environment variable to ON. When the SCSV is present in the client's supported cipher list during a handshake, it indicates that the client is attempting a fallback handshake with an earlier SSL or TLS protocol. If the server's highest supported TLS or SSL protocol level is greater than the client's SSL or TLS protocol level, the handshake fails with this error.

User response

If the server is configured appropriately with the GSK_SERVER_FALLBACK_SCSV attribute type or environment variable enabled, no action is required as the server is appropriately rejecting a client's attempt to do a handshake at an earlier TLS or SSL protocol level.

Ensure that the client is properly enabled for the highest SSL or TLS protocol level supported by the server and retry the initial handshake without sending the SCSV to the server.

514 Required TLS extension is missing from remote partner

Explanation

The remote partner did not send a required TLS extension during the TLS handshake process. The TLS handshake cannot continue.

User response

Ensure that the remote partner is specifying the required TLS extensions that are required for the secure TLS connection. If a TLS V1.3 handshake is attempted, ensure that the remote partner is including the signature algorithms, key share, and supported groups extensions. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

515 Key share list is not valid.

Explanation

The specified key share list is not configured or set, not formatted correctly, or contains groups that are not supported by TLS V1.3.

User response

Ensure the values that are supplied for GSK_CLIENT_TLS_KEY_SHARES or GSK_SERVER_TLS_KEY_SHARES only specifies groups that are supported by System SSL for TLS V1.3. Ensure that each entry uses 4 decimal digits and is not empty. See Table 5 for a list of supported key share group curve definitions for TLS V1.3.

516 No key share groups in common with partner

Explanation

The client and server key share groups do not contain at least one value in common.

User response

Check with the remote partner to determine the key share groups that are to be used and supported by both sides.

If running as a server application, ensure that there is at least one key share group specified in the GSK_SERVER_TLS_KEY_SHARES that is also supported by the remote client partner.

If running as a client application, the remote server partner has selected a key share group that has not been specified in the GSK_CLIENT_TLS_KEY_SHARES list. It may be necessary to update the client’s GSK_CLIENT_TLS_KEY_SHARES and GSK_CLIENT_ECURVE_LIST settings to include the server’s selected key share group. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

517 No matches between elliptic curve and key share lists

Explanation

On the client side Start of changewhen TLS 1.3 is enabledEnd of change, System SSL uses the GSK_CLIENT_ECURVE_LIST setting to specify the elliptic curves or supported groups that are sent to the server. The GSK_CLIENT_TLS_KEY_SHARES setting specifies the key share groups and it must contain at least one of the groups in the GSK_CLIENT_ECURVE_LIST setting.

On the server side, System SSL Start of changehas selected TLS 1.3 for the handshake andEnd of change has determined that the client has sent the elliptic curves or supported groups in a different order than the key share groups.

User response

If running as a client application, update the GSK_CLIENT_ECURVE_LIST or the GSK_CLIENT_TLS_KEY_SHARES to include at least one group that is in common between the two lists. The GSK_CLIENT_TLS_KEY_SHARES list should be a subset of the groups that are specified in the GSK_CLIENT_ECURVE_LIST. Verify that the GSK_CLIENT_ECURVE_LIST is not empty Start of change(NULL)End of change.

If running as a server application, contact the remote client partner to verify the elliptic curves or supported groups and the key shares are properly configured. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

518 Alert received from remote partner is allowed by protocol but not expected by System SSL

Explanation

An alert has been received from the remote partner that is supported by the protocol, but is not expected by System SSL.

User response

Contact the remote partner and verify that it is sending the appropriate alert in this scenario. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

519 Required ciphers have not been specified

Explanation

This error can occur for the following reasons:
  • The client has enabled the TLS V1.3 protocol and has not specified at least one valid TLS V1.3 cipher specification.
  • The client has enabled the TLS V1.3 protocol along with another TLS protocol and has not specified at least one cipher that is supported with the TLS V1.0, TLS V1.1, or TLS V1.2 protocol.

User response

If the client is enabled for the TLS V1.3 protocol:
  • Verify that there is at least one valid TLS V1.3 cipher specification has been specified in the GSK_V3_CIPHER_SPECS_EXPANDED setting.
  • Verify that there is at least one cipher specification in the GSK_V3_CIPHER_SPECS_EXPANDED setting that is supported with the other TLS protocols that are enabled.
For more information about the supported cipher specifications, see Table 3.

520 4-character cipher specifications are required

Explanation

If TLS V1.3 is enabled, 4-character cipher specifications must be used.

User response

The application must call gsk_attribute_set_enum() and set the enumeration identifier GSK_V3_CIPHERS to have a value of GSK_V3_CIPHERS_CHAR4. Once enabled for 4-character cipher specifications, the application uses the GSK_V3_CIPHER_SPECS_EXPANDED setting for the cipher specifications.

For more information about the supported cipher specifications, see Table 3.

521 Client has detected that the server has attempted an unexpected protocol fallback

Explanation

An unexpected protocol fallback to an earlier TLS protocol has been detected by the client.

User response

A fallback to an earlier TLS protocol has been detected by the client although the server supports a later TLS protocol. Verify that the application is communicating with the expected remote partner. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

522 Signature algorithm used by the remote partner for a secure connection is not correct.

Explanation

The remote partner used an incorrect or an unexpected signature algorithm during the TLS V1.3 handshake. The remote partner signed its TLS V1.3 handshake messages with a signature algorithm that was not included in its local signature algorithm list (GSK_TLS_SIG_ALG_PAIRS) or one that is not allowed to be used with TLS V1.3.

User response

  • Start of changeContact the remote partner and verify that it is using the correct signature algorithm for the TLS V1.3 handshake. The remote partner may use a signature algorithm that is not supported by the local application to sign TLS handshake messages. If communicating with a z/OS System SSL remote partner, it may use a preferred signature algorithm if there are no signature algorithms in common. See Signature and hash algorithms for more information. In these cases, the local GSK_TLS_SIG_ALG_PAIRS setting should be updated to support the remote partner’s certificate chain.End of change
  • If the remote partner is using an RSA certificate, an RSASSA-PSS signature algorithm (0804, 0805, or 0806) must be used to sign the TLS V1.3 handshake messages.
  • The remote partner used a signature algorithm that is not supported in TLS V1.3 for the certificate verify message. These signature algorithms are not supported in TLS V1.3: Any DSA signature algorithm, RSASSA-PSS and ECDSA with SHA-1 and SHA-224 signature algorithms, and RSA with MD2, MD5, SHA-1 and SHA-224 signature algorithms.

If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

523 Key share list cannot contain more groups than the elliptic curve list

Explanation

There are more groups present in the client’s key share group list (GSK_CLIENT_TLS_KEY_SHARES) than there are present in the client’s elliptic curve or supported groups list (GSK_CLIENT_ECURVE_LIST). The groups specified in the client’s key share list should be a subset of the groups specified in the client’s elliptic curve or supported groups list.

User response

Verify that the groups specified for the client’s key share group list (GSK_CLIENT_TLS_KEY_SHARES) and the client’s elliptic curve or supported groups list (GSK_CLIENT_ECURVE_LIST) are correct. See Table 5 for the supported groups and curve specifications.

524 Remote partner indicates a required TLS extension is missing

Explanation

The remote partner has indicated that the local partner did not send a required TLS extension during the TLS handshake process. The TLS handshake cannot continue.

User response

Ensure that this application is specifying the required extensions by the communicating partner. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

525 Key share list received from remote partner is not correct

Explanation

The remote partner has sent a key share list that is not valid. The key share list contains duplicate key share groups. The TLS handshake cannot continue.

User response

Ensure that the remote partner is sending a valid key share list. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

526 Missing required certificate request signature algorithms

Explanation

The remote server partner did not send the required signature algorithm extension in the certificate request.

User response

Ensure that the remote server partner has sent a certificate request and that it contains a required signature algorithm extension. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

527 Local certificate version does not meet the minimum required version level

Explanation

An X.509 certificate being utilized locally did not meet the minimum allowed System SSL X.509 certificate version. TLS V1.3 requires certificates to be X.509 version 3 certificates.

User response

Ensure that the version of the locally selected certificate is valid.

528 Local certificate key size is smaller than the minimum size allowed

Explanation

The local X.509 certificate contains an RSA or ECC key that is smaller than the minimum size allowed. TLS V1.3 requires that RSA keys have a minimum size of at least 2048 bits, and ECC keys must have a minimum size of at least 256 bits.

User response

Ensure that the key sizes are at least equal to the minimum supported key sizes for the protocol.

529 Certificate key algorithm is not valid

Explanation

The certificate key algorithm is not valid for the selected protocol. If the selected protocol is TLS V1.2 and earlier, the server certificate can use either RSA, DSA, Diffie-Hellman, or ECC as the public/private key algorithm. If the selected protocol is TLS V1.3, the server certificate can use either RSA or ECC as the public/private key algorithm.

User response

Specify a certificate with the appropriate key type.

530 TLS handshake message from the remote partner included an extension that is not allowed or supported

Explanation

A TLS handshake message from the remote partner contained an extension that is not allowed or supported. The remote partner did not correctly encode the TLS handshake message.

User response

Ensure that the remote partner is correctly encoding the TLS handshake message. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

531 Legacy compression field must be a single byte set to 0

Explanation

A TLS handshake message contains an incorrect compression field. The compression field must be a single byte set to 0.

User response

Ensure that the remote partner is correctly encoding the TLS handshake message. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

532 Session ID received from remote partner is not correct

Explanation

A TLS handshake message from the remote partner contains a Session ID value that is different from the Session ID that was sent to the remote partner. The Session ID value in the TLS handshake message from the remote partner must be the same. The attempted TLS handshake fails.

User response

Ensure that the remote partner is correctly encoding the TLS handshake message. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

533 Remote partner indicates unsupported certificate

Explanation

The remote partner has indicated that it does not support the certificate that has been sent to it or the remote partner's own certificate is not supported.

User response

Ensure that the remote partner is correctly configured to receive the configured certificate and the remote partner's own certificate is supported. The remote partner may need to update its supported signature list to allow the certificate’s signature to be used. If the remote partner is another System SSL application, the GSK_TLS_SIG_ALG_PAIRS or GSK_TLS_CERT_SIG_ALG_PAIRS settings may need to be updated. The remote partner may require a minimum key certificate key size. If the remote partner is another System SSL application, the GSK_PEER_RSA_MIN_KEY_SIZE, GSK_PEER_ECC_MIN_KEY_SIZE, GSK_PEER_DSA_MIN_KEY_SIZE, or GSK_PEER_DH_MIN_KEY_SIZE settings may need to be adjusted on the remote partner. If the remote partner is configured correctly, it may be necessary to update the local certificate to one that is supported by the remote application.

If a TLS V1.3 handshake is attempted, there are limitations on the key type and sizes that are allowed for TLS V1.3. See gsk_secure_socket_init() 's usage section for more information.

If the remote partner supports the certificate sent to it, the remote partner's own certificate may need to be updated. If the remote partner is another System SSL application running in FIPS mode, ensure that the remote partner's certificate is supported. See Algorithms and key sizes for more information about the supported certificates in FIPS mode.

If the problem persists, contact the remote partner application to collect additional diagnostic data to determine why the sent certificate or the remote partner's own certificate is not supported.

534 Remote partner indicates an incorrect PSK identity value

Explanation

The client attempted a TLS V1.3 session resumption with only one session ticket present in its pre-shared key extension. The server responded with an unexpected index value present in its pre-shared key extension response.

User response

Ensure that the remote server partner is operating correctly and supports TLS V1.3 session resumption. If the problem persists, contact the vendor of the remote server partner.

535 PSK exchange modes extension from the remote partner does not contain supported value

Explanation

System SSL supports only PSK with (EC)DHE key establishment for TLS V1.3 resumption. The remote partner has not indicated its support of PSK with (EC)DHE.

User response

Ensure that the remote partner supports and is specifying support for PSK with (EC)DHE key establishment for TLS V1.3 resumption. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

If the remote partner is another SSL/TLS provider, contact the vendor of that product.

536 TLS session has expired

Explanation

The server can no longer send or accept session tickets because the number of seconds since the initial handshake has exceeded the server timeout value.

User response

The server cannot send or receive session tickets until the remote partner has requested a new connection and a full TLS V1.3 handshake has been negotiated. If the problem persists, the GSK_SESSION_TICKET_SERVER_TIMEOUT setting may need to be increased.

537 Attempt to send session ticket failed due to incorrect resumption attributes

Explanation

The server is not configured correctly to send a session ticket. This return code is returned to the caller when GSK_SEND_SESSION_TICKET has been specified in a call to gsk_secure_socket_misc(). It can occur because:
  • GSK_SESSION_TICKET_SERVER_ENABLE is set to OFF.
  • GSK_SESSION_TICKET_SERVER_COUNT is greater than 0.
  • A client is attempting to send a session ticket.

User response

Verify the following:
  • GSK_SESSION_TICKET_SERVER_ENABLE is set to ON.
  • GSK_SESSION_TICKET_SERVER_COUNT is set to 0.
  • The call is being made by a server session.
If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

538 Remote partner used an incorrect cipher on a resumption attempt

Explanation

The client detected that the server selected an incompatible cipher specification on the TLS V1.3 resumption handshake attempt. Servers supporting TLS V1.3 resumptions may use a different cipher specification on the resumed handshake as long as the hash algorithm associated with the two ciphers are compatible. If the initial handshake used cipher 1301 and the server selected cipher 1303 on the resumed handshake, this is not allowed as cipher 1301 uses a hash algorithm of SHA-256 while cipher 1303 uses a hash algorithm of SHA-384. The resumption handshake attempt fails.

User response

Contact the remote server partner to determine why they allowed a TLS V1.3 resumption to occur with an incompatible cipher specification. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

If the remote partner is another SSL/TLS provider, contact the vendor of that product.

539 Input buffer contents not valid

Explanation

The provided buffer does not contain valid data for the function being performed.

User response

Provide valid data in the buffer.

540 Protocol is not supported in FIPS mode

Explanation

TLS V1.3 protocol is not supported in FIPS mode.

User response

Currently, the TLS V1.3 protocol is not supported in FIPS mode and is only supported in non-FIPS mode. If the TLS V1.3 protocol is to be enabled, it must be done in non-FIPS mode. Once FIPS mode is disabled in the application, TLS V1.3 can be enabled by setting the GSK_PROTOCOL_TLSV1_3 environment variable or attribute type in gsk_attribute_set_enum().

541 Remote partner indicates sent certificate is not valid.

Explanation

The certificate sent to the remote partner during the handshake was not acceptable to the remote partner.

User response

Ensure that the remote partner application is correctly configured to accept the locally configured certificate. The remote partner may be missing a root CA certificate or does not support the locally configured certificate that has been sent to it. If the remote partner is a System SSL application, collect traces of the failure on both sides and then contact your service representative if the error persists. If the remote partner is another SSL/TLS provider, contact the vendor of that product.

542 Remote partner indicates a handshake failure due to incompatible security parameters.

Explanation

The remote partner is unable to successfully perform a handshake due to incompatible security parameters. This error can occur if:
  • The client and server cipher specifications do not contain at least one value in common. Client and server cipher specifications might be limited depending on which System SSL FMIDs are installed. See Cipher suite definitions for more information. Server cipher specifications are dependent on the type of algorithms that are used by the server certificate (RSA, DSA, ECDSA, or Diffie-Hellman), which might limit the options available during cipher negotiation.
  • If this is a client application attempting a TLS 1.3 handshake, ensure that the remote server partner has support for the groups specified in the GSK_CLIENT_TLS_KEY_SHARES and GSK_CLIENT_ECURVE_LIST settings.

User response

Ensure that the client and the server have at least one cipher specification. If the problem persists, collect a System SSL trace and contact the remote partner to obtain the necessary diagnostics or traces to determine why the handshake failed.

543 Remote partner indicates sent TLS handshake message is not valid.

Explanation

The remote partner has indicated that a TLS message sent from the local application is not valid.

User response

Ensure that the remote partner is correctly parsing the sent TLS message. If the problem persists, collect a System SSL trace and contact the remote partner to obtain the necessary diagnostics or traces to determine why the TLS message is not valid.

Start of change

544 Missing required TLS extended master secret extension from remote partner

Explanation

The TLS server or client encountered a communicating partner that does not support the extended master secret extension. The TLS extended master secret extension is specified as required locally and the communicating partner did not send or provide the extension during the TLS V1.0, TLS V1.1, or TLS V1.2 handshake.

User response

If running as a client application, the GSK_CLIENT_EXTENDED_MASTER_SECRET option has been set to REQUIRED; however, the remote server partner did not include the extended master secret extension during the TLS V1.0, TLS V1.1, or TLS V1.2 handshake. Ensure that the GSK_CLIENT_EXTENDED_MASTER_SECRET option is set appropriately for the remote server partners that are being contacted. If the server partner is a z/OS System SSL application, ensure that the GSK_SERVER_EXTENDED_MASTER_SECRET option is set to ON or REQUIRED and it must be running z/OS V2R3 or later and have PTFs for APAR OA60105 (z/OS V2R3 and V2R4) applied and active. If the remote server partner is another SSL/TLS provider, contact the remote server partner vendor to enable support for the extended master secret extension.

If running as a server application, the GSK_SERVER_EXTENDED_MASTER_SECRET option has been set to REQUIRED; however, the remote client partner did not include the extended master secret extension during the TLS V1.0, TLS V1.1, or TLS V1.2 handshake. Ensure that the GSK_SERVER_EXTENDED_MASTER_SECRET option is set appropriately for the remote client partners that are communicating with this server. If the client partner is a z/OS System SSL application, ensure that the GSK_CLIENT_EXTENDED_MASTER_SECRET option is set to ON or REQUIRED and it must be running z/OS V2R3 or later and have PTFs for APAR OA60105 (z/OS V2R3 and V2R4) applied and active. If the remote client partner is another SSL/TLS provider, contact the remote client partner vendor to enable support for the extended master secret extension.

End of change
Start of change

545 Extended master secret extension mismatch detected on cached TLS handshake attempt

Explanation

The TLS client attempted to use a previously negotiated session with the server that did not originally negotiate the extended master secret extension. On the cached handshake attempt, the remote server indicated that it was able to successfully use the cached session; however, it included the extended master secret extension which is not allowed.

User response

Contact the remote server partner to determine why it is sending the extended master secret extension on a cached TLS handshake. If the problem persists, collect a System SSL trace containing the error and then contact your service representative.

End of change
Start of change

546 Incorrect extended key usage.

Explanation

The extended key usage certificate extension does not permit the requested key operation. This error can occur if the extended key usage extension of a client or server certificate restricts the purposes for which the certificate’s key can be used.
  • Server certificates used for server authentication in 3280 or 5280 validation mode with an extended key usage extension must allow either the serverAuth or the anyExtendedKeyUsage purpose.
  • Client certificates used for client authentication in 3280 or 5280 validation mode with an extended key usage extension must allow either the clientAuth or the anyExtendedKeyUsage purpose.

User response

Specify a certificate with the appropriate extended key usage.

End of change

601 Protocol is not SSL V3, TLS V1.0, TLS V1.1, TLS V1.2, or TLS V1.3.

Explanation

The requested function requires the SSL V3, TLS V1.0, TLS V1.1, TLS V1.2, or TLS V1.3 protocol.

User response

Ensure that the correct protocol is in use before issuing the request.

602 Function identifier is not valid.

Explanation

The function identifier that is specified for gsk_secure_socket_misc() is not valid.

User response

Specify a valid function identifier.

603 Specified function enumerator is not valid.

Explanation

The value that is specified is not a value that is enumerated as a function for the API.

User response

Ensure that the correct function enumerator is coded for the function.

604 Send sequence number is near maximum value

Explanation

While using TLS V1.1 or higher protocol, the send sequence number is near the maximum value before which it wraps. For TLS V1.1 and higher, an SSL handshake must occur to reset the send sequence number before the sequence number wrapping. System SSL is unable to automatically initiate a handshake on the current function call. This code is not returned again until after a handshake for the connection resets the send sequence number and the send sequence number is again near the maximum value.

User response

The caller should initiate a handshake by calling gsk_secure_socket_misc, specifying GSK_RESET_CIPHER.When the handshake is initiated, the previous function call that returned this code can be called again.

605 Specified function not supported by protocol version

Explanation

The gsk_secure_socket_misc() functional identifier is not supported by the protocol version.

User response

The functional identifier is not supported by the connection protocol. GSK_RESET_WRITE_CIPHER is only supported by TLS V1.3 connections.

701 Attribute identifier is not valid.

Explanation

The attribute identifier is not valid.

User response

Specify a valid attribute identifier.

702 Attribute length is not valid.

Explanation

The attribute length is not valid.

User response

Specify a valid attribute length.

703 Enumeration is not valid.

Explanation

The enumeration value is not valid.

User response

Specify a valid enumeration value.

704 Session identifier cache callback is not valid.

Explanation

The session identifier cache callback values are not valid. All callback routines must be provided to use an application session identifier cache.

User response

Specify valid session identifier cache callback values.

705 Numeric value is not valid.

Explanation

The numeric value is not valid.

User response

Specify a valid numeric value.

706 Attribute parameter is not valid.

Explanation

The attribute parameter value is not valid.

User response

Specify a valid attribute parameter value.

707 TLS extension type is not valid.

Explanation

The TLS extension type is not valid or not supported.

User response

Specify a valid or supported TLS extension type value.

708 Supplied TLS extension data is not valid.

Explanation

TLS extension data that is submitted to the SSL environment or connection is incorrectly defined.

User response

Ensure that the TLS extension data is correctly defined. If the problem persists collect a System SSL trace and contact your service representative.