ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Error XCOMM0780E illegal parameter +++ SS

book

Article ID: 240258

calendar_today

Updated On:

Products

XCOM Data Transport - z/OS

Issue/Introduction

Initiated a transfer from XCOM for z/OS that is configured with IBM System SSL to a XCOM for z/OS configured with OpenSSL. The transfer fails with the following message on the receiving server:

XCOMM0780E Txpi  308: TxpiInitSSL Failed msg = <error:14094417:SSL routines:SSL3_READ_BYTES:sslv3 alert illegal parameter +++ SS                                                   

 

Environment

Release : 12.0

Component : XCOM Data Transport for z/OS

Resolution

Capture a System SSL trace and have Security Admin or IBM review it. This is not an XCOM trace, but an SSL trace that will assist in determining the actual cause of the message. According to IBM documentation:

410 SSL message format is incorrect.

Last Updated: 2021-06-25

Explanation

An incorrectly formatted SSL message is received from the communication partner.

User response

Collect a System SSL trace containing a dump of the SSL message and then contact your service representative.

 

Additional Information

To enable the System SSL trace you would do the following:

you need to add the following to the JCL:
//CEEOPTS DD *
ENVAR("GSK_TRACE=0x3F",
"GSK_TRACE_FILE=/tmp/gskssl.%.trc")
/*


The CEEOPTS DD statement is used to specify LE runtime options. The ENVAR option is used to set environment variables which System SSL will use during the run. Variable GSK_TRACE enables System SSL tracing and GSK_TRACE file specifies the name of the UNFORMATTED trace file which will be created by SystemSSL. The percent sign in the file name replaces to the numeric Unix process ID which creates the file. Value /tmp/gskssl.%.trc is the default and of course you may specify a different name if you need.

Once you have the unformatted SystemSSL trace file, you need to format it into readable statements using the 'gsktrace' utility. The command is:

gsktrace input_file > output_file