Problem Determination

Following is some information to help you avoid problems that might be related to TLS configuration.

• With server-side authentication, the common name in the sever's certificate is always compared to the name you type in the Host Name field on the client. These names must match exactly. You cannot:
  • Type the IP address in one place and the host name in the other
  • Type wrt05306 in one place and WTR5306 in the other
  Note: This information is available only from the target server administrator.
• Make sure that TLS is enabled on both the Z and I Emulator for Windows client and the TLS server.
• Makes sure that the port number in the Advanced configuration panel on the client matches the port number defined in the server.
• For each different server using a self-signed certificate, you must add a copy of each of the server certificates to your keyring.
• Be sure there is a root certificate of the proper class to correspond with the class and issuer of the certificate on the server.
• Make sure that the password to your key database has not expired.