When configuring XCOM for IBM System SSL is it possible to specify a value of NO for the VERIFY_CERTIFICATE parameter(s) in the SYSconfigSSL.cnf?
[VERIFY_CERTIFICATE]
INITIATE_SIDE = NO
RECEIVE_SIDE = NO
The value of “NO” is not valid value for the VERIFY_CERTIFICATE parameter in the SYSconfigSSL.cnf. This is due to rules being stricter and verification cannot be disabled when using TLS. The proper values for the parameter are: YES, RFC2459 and RFC3280. Specifying a value of YES will validate the certificates using any RFC supported by IBM System SSL.
If a value of NO is specified, the transfers will end with message:
XCOMM0780E Txpi 410: TxpiSystemSSLConfig Syntax error Element nb: 28 Section = <VERIFY_CERTIFICATE> Parameter = <INITIATE_SIDE>