This intermittent problem started for XCOM z/OS to Windows transfer since XCOM for Windows SP03 had OpenSSL patch LU03588 installed.
XCOMM1510E System SSL Function gsk_secure_socket_init: RC = 435: Reason = Certification authority is unknown
Multiple Windows XCOM servers are used for the destination.
There had been a certificate change on the Windows servers at the same time as the patch install and it was identified that one of the servers was not responding accordingly.
The z/OS logs for failed transfers all target the same IP address:
06:00:19 <IPadress> 002000 XCOMM0813I SECURE TCP/IP CONNECTION REQUESTED WITH DEST=**NONE**, PORT=08045,
IP=www.yyy.xxx.zzz
22028 06:00:19.7 XCOMM1516W SSLv3 protocol enabled. This is an obsolete and insecure protocol. It is
recommended to switch SSL_METHOD to TLS
22028 06:00:19.8 XCOMM1510E System SSL Function gsk_secure_socket_init: RC = 435: Reason = Certification
authority is unknown
06:00:19 <IPaddress> 002000 XCOMM0093E ERROR ACTIVATING SESSION - SESSION NOT ESTABLISHED
After doing a certificate refresh the z/OS transfers were then all working normally.
The certificate problem being specific to one Windows server of the group of servers being used explains the intermittent nature of the error on z/OS (the same IP Address shown in the failed z/OS job logs represented the problem server and transfers to the other servers were working OK).