Receiving error message DFHSO0123 when establishing an SSL connection with CICS running under CA Top Secret


Article ID: 144509


Updated On:


CA Top Secret CA Top Secret - LDAP


Setup CICS with digital certificates and getting the following error message:

DFHSO0123 01/07/2020 16:50:43 S1CXL2 Return code 412 received from function gsk_secure_socket_init  of System SSL. Reason:     
            Unsupported operation. Peer:, TCPIPSERVICE: ISIDIPIC.                                                   
 DFHIS1012 01/07/2020 16:50:43 S1CXL2 Invalid capability exchange request received on TCPIPSERVICE ISIDIPIC. Error code is (code


Release : 16.0

Component : CA Top Secret for z/OS


CICS is receiving a SOURCE restriction failure. To resolve the problem, there are two option:

1. Authorize the CICS region acid to the SOURCE via TSS ADD(cicsregion) SOURCE(source)

2. Set OPTIONS(88) in the CA Top Secret Control Options File TSSPARMS. Allows an issued RACROUTE security call with POE=port_of_entry_address even when the ACID has a SOURCE restriction that does not match the port of entry (POE) address.