Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
EZD1916I z/OS Communications Server: IP Messages Volume 2 (EZB, EZD) SC27-3655-01 |
|
EZD1916I NSS server cryptographic services are disabled for stack tcpname -
FIPS140 support is enabled for the IKE daemon but is not enabled
for the NSS server ExplanationThe Federal Information Processing Standard 140 (FIPS 140) function is enabled for the IKE daemon, but it is not enabled for the network security services (NSS) server. The NSS server is not permitted to provide cryptographic services to the IKE daemon for the stack. In the message text:
System actionIKED will not enable cryptographic services through the NSS server for the named stack. IKE daemon processing continues. Operator responseContact the system programmer. System programmer responseWhen the IKE daemon is enabled for FIPS 140 support, stacks that are configured to use the NSS server for cryptographic services require that the NSS server also be enabled for FIPS 140 support. The stack configuration, the IP security policy for the stack, the IKE daemon configuration, and the NSS server configuration must all be consistent. To understand the implications and requirements for enabling FIPS 140 support in your environment, see the information about FIPS 140 and IP security in z/OS Communications Server: IP Configuration Guide. User responseNot applicable. Problem determinationNone. Sourcez/OS® Communications Server TCP/IP: IKE daemon Modulestackobj.cpp Routing code11 Descriptor code7 AutomationThis message is output to syslog. Example
|
Copyright IBM Corporation 1990, 2014
|