Troubleshooting
Problem
Error: getreply Received From Remote <550 SSL Fail (SSLTCP:553:SSL_do_handshake:timeout) (SCI81254)
Symptom
Primary Socket connection:207.241.10.136 [52815] <-> 207.241.10.136 [990]
getreply: received from remote <550 SSL Fail
(SSLTCP:553:SSL_do_handshake:timeout <br/> tcp:-1001:SSL Handshake did not
comp>ete. (SSL_ERROR_WANT_READ):)
Error in processing <OPEN 990
ftp.financialgo.net>command Code = -1
Cause
Listening on port 990. This port
990 is a well known port for implicit mode FTP/SSL which C:E UNIX does not
support. This connection will not work. If the remote must configure to do
Explicit mode FTP/SSL then C:E should be configured to connect to it.
Resolving The Problem
Connect:Enterprise UNIX only operates in explicit mode.
Configure the Server to listen on a port greater than 1024 (above the well know "Preassigned" Port range)
The difference between implicit and explicit is that the server expects:
- Implicitly to go directly into an SSL connection
- Explicitly sending a banner getting an AUTH command and responding with a 234.
i.e. Implicit mode works just like HTTP(S) where a browser goes directly into SSL handshake with a webserver. In this case, a client goes directly into SSL handshake with an FTP server. 990 is a well known port for this just like 21 is for FTP.
NOTE:
Although there is nothing
special about these ports you can do FTP on 10021 for example, but the idea
behind the well known port concept is that you would expect a certain protocol
(response) on a certain port. Not always true, but it is the expectation.
Historical Number
PRI28347
Product Synonym
[<p><b>]Fact[</b><p>];Connect:Enterprise UNIX, Release 2.1.00 [<br/>] SCI81254
Was this topic helpful?
Document Information
Modified date:
17 December 2019
UID
swg21544877