SSL: unable to setup connection (ERR=-5902)
Good afternoon everyone.
I'm having issues connecting to a specific server using c10le with OS 7.0.113 (s10 with older WTOS work just fine). The error message I receive is "SSL: unable to setup connection (ERR=-5902)" it's 100% reproduce-able (i.e. happens all the time).
Here's what I tried already:
1) Saved SSL certificate as base64 *.cer from windows RDP client and imported it to c10le via ini file (successful import confirmed via event log).
2) Downloaded root CA of Entrust and imported it to c10le (also successfully)
3) Confirmed date/time settings on the terminal (accurate for EDT)
4) Renamed *.cer certificates to *.crt and imported again
And I'm still getting this error. Since the server is publicly accessible, could someone with c10le/7.0.113 please try it from your end - ts1.ontrackinview.com.
Perhaps there is a way to ignore SSL and make client behave like version 6 (which works flawlessly with this server)?
Any suggestions are greatly appreciated, thanks.
If anyone is still watching this thread... I ran into this when attempting to test a new z10D in my current v10 environment. At least in v8 of WTOS, by default it looks for an SSL cert - the default for this functionality is "SecurityMode=Warning", which allegedly should still check for the cert, but still allow you to log on if the cert is not valid. In my situation, I got the error, but it would not let me pass. Since we don't use certs for this internal deployment, I added the following to the wnos.ini file:
FileServer=[IP or hostname of FTP server] \
and it let me through. It will still throw the error, but ignores it. I suspect if you are using certs, you should tell it where your cert server and file locations are and it should work.
I can't say if this is your exact problem, but it sounds like it might actually be GaryF's and so might be yours as well. ThinOS appears to be incompatible with wildcard certs and will give you an invalid cert error even if it's normally valid in say the Windows world. Once we switched to real, named certs our SSL issues went away.