IBM Support

IT10038: BASE SSL PORT does not support TLS 1.2 ONLY ACCESS

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

Direct link to fix

si_52_build_5020500_hotfix_7

 

APAR status

  • Closed as program error.

Error description

  • Customer's security team ran port scan and found that Base SSL
Port implementation allows TLS 1.0 or TLS 1.1 access.  This per
customer posese security threat and would like to see TLS 1.2
enabled for Base SSL port access.

Local fix

  • 



Problem summary


    

  • Users Affected:
All

Problem Description:
Base SSL port is allowing TLS 1.0-1.1 access which violates
customer's security policy. They would like to restrict the
access to TLS 1.2 only.

Platforms Affected:
All

    



Problem conclusion


    

  • Resolution Summary:
A code fix has been provided.

Delivered in:
5020500_7

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IT10038
    • 

  • Reported component name
    STR B2B INTEGRA
    • 

  • Reported component ID
    5725D0600
    • 

  • Reported release
    525
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2015-07-13
    • 

  • Closed date
    2015-07-23
    • 

  • Last modified date
    2015-07-31
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    STR B2B INTEGRA
    • 

  • Fixed component ID
    5725D0600
    • 



Applicable component levels


    

  • R525  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.2.5","Edition":"","Line of Business":{"code":"LOB02","label":"AI Applications"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            31 July 2015
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback