using xrdcp 4.10.0 with two xrootd 5.0.0 servers. With 1094, which is configured: ``` xrd.tls /etc/grid-security/xrootd/hostcert.pem /etc/grid-security/xrootd/hostkey.pem xrd.tlsca noverify xrootd.tls session ofs.tpc fcreds ?gsi =X509_USER_PROXY logok pgm /usr/share/xrootd/v5.0.0/bin/xrdcp --server sec.protocol gsi -cert:/etc/grid-security/xrootd/hostcert.pem -key:/etc/grid-security/xrootd/hostkey.pem -dlgpxy:1 -exppxy:=creds ``` the client fails the TLS handshake but keeps retrying (attached log). With 1096, configured: ``` xrd.tls /etc/grid-security/xrootd/hostcert.pem /etc/grid-security/xrootd/hostkey.pem xrd.tlsca certdir /etc/grid-security/certificates log failure xrootd.tls login sec.protocol unix ``` the client fails with a login failed (from the TLS handshake). In both cases, the "capable" directive is not given, so TLS should be enforced. Client logs: [1094.log](https://github.com/xrootd/xrootd/files/4281820/1094.log) [1096.log](https://github.com/xrootd/xrootd/files/4281821/1096.log) -- You are receiving this because you are subscribed to this thread. Reply to this email directly or view it on GitHub: https://github.com/xrootd/xrootd/issues/1146 ######################################################################## Use REPLY-ALL to reply to list To unsubscribe from the XROOTD-DEV list, click the following link: https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1