IBM Support

IT34885: SIMPLIFIED SSL CONNECTIONS MAY FAIL WITH GSKIT ERROR 414 WHEN A STASH FILE IS IN USE

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When simplified SSL connections are in use, such as when the
    SSLServerCertificate keyword is specified in the db2cli.ini,
    db2dsdriver.cfg, or the connection string, connections using SSL
    may fail with a GSKit 414 error when the following conditions
    are met:
    
    - The SSL_CLNT_KEYDB DBM CFG parameter is set, or the
    SSLClientKeystoredb keyword is set in the db2cli.ini,
    db2dsdriver.cfg, or connection string
    
    and
    
    - The SSL_CLNT_STASH DBM CFG parameter is set, or the
    SSLClientKeystash keyword is set in the db2cli.ini,
    db2dsdriver.cfg, or connection string
    

Local fix

  • Use a Keystore DB password instead of a stash file.
    
    Un-set the SSL_CLNT_STASH dbm cfg parameter, or remove the
    SSLClientKeystash keyword from the db2cli.ini, db2dsdriver.cfg,
    or connection string.
    
    Set the SSLClientKeyStoreDBPassword in the db2cli.ini,
    db2dsdriver.cfg, or connection string to allow clients to use
    the keystore DB password instead of the stash file.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * All DB2 clients on all Linux, Unix and Windows platforms at  *
    * service levels Version 11.1 GA through to Version 11.1.4 Fix *
    * Pack 5                                                       *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * See Error Description                                        *
    ****************************************************************
    * RECOMMENDATION:                                              *
    * Upgrade to DB2 Version 11.1.4 Fix Pack 6 or higher.          *
    ****************************************************************
    

Problem conclusion

  • The complete fix for this problem first appears in DB2 Version
    11.1.4 Fix Pack 6 and all subsequent Fix Packs.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IT34885

  • Reported component name

    DB2 FOR LUW

  • Reported component ID

    DB2FORLUW

  • Reported release

    B10

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2020-11-11

  • Closed date

    2021-03-31

  • Last modified date

    2021-03-31

  • APAR is sysrouted FROM one or more of the following:

    IT34884

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    DB2 FOR LUW

  • Fixed component ID

    DB2FORLUW

Applicable component levels

  • RB10 PSN

       UP

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSEPGG","label":"DB2 for Linux- UNIX and Windows"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"11.1","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
03 May 2022