Error Messages

Connection Failed SSL to host : port

The most likely cause of this error is that the service is not running on the server, or the port number is incorrect.

This message can also be returned if the server refuses the SSL connection. The most likely causes are that the server is expecting a client certificate but none has been specified or the client certificate specified is invalid for some reason. This error may also be seen if the server is running an incompatible version of SSL. TeemTalk currently supports SSL2, SSL3 and TLS.

No Root Certificate assigned

This is caused when no Root Certificate or no CACertificate Databse was specified in the SSL Settings dialog for the connection. If no root certificate is available, the server certificate check can be bypassed by selecting the Do not verify host's certificate option.

The issuer certificate of a locally looked u certificate could not be found. / No certificates could be verified.

The server's identity certificate was not signed by any of the root certificates installed in TeemTalk. TeemTalk will not connect to a host it cannot verify.

The host name did not match any of the valid hosts for this certificate

The common name is part of the server's certificate. SSL assumes this will match the host name given in the IP Address box in the SSL Settings dialog. If they do not match TeemTalk will not connect to the host.

Notes About Certificates

The SSL Protocol uses three types of certificates:

Server certificates. These are always sent by the server to the client to validate the server's identity. SSL handles them internally and they are never saved on the client.

Client certificates. These are sent by the client, only if the server requests them, and validate the client's identity. The client will need to store these locally. Usually a client will only have one certificate to validate it on a particular server but different servers may require different client certificates.

CA (Certificate Authority) or root certificates. These are used to authenticate the other two types. The client will need to store these locally.

Storage of Certificates

Unlike previous versions of TeemTalk, certificates are no longer imported and stored in the local system registry. TeemTalk now pulls the certificate values as needed from their original container file. If the certificate file is moved or deleted, the SSL connection will fail until the certificate information is corrected in the SSL Settings dialog.

SSL Transport

29

Page 41
Image 41
HP TeemTalk Terminal Emulator 8 E-License Error Messages, Storage of Certificates, Connection Failed SSL to host port