IBM Support

IT34885: SIMPLIFIED SSL CONNECTIONS MAY FAIL WITH GSKIT ERROR 414 WHEN A STASH FILE IS IN USE

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • When simplified SSL connections are in use, such as when the
    SSLServerCertificate keyword is specified in the db2cli.ini,
    db2dsdriver.cfg, or the connection string, connections using SSL
    may fail with a GSKit 414 error when the following conditions
    are met:
    
    - The SSL_CLNT_KEYDB DBM CFG parameter is set, or the
    SSLClientKeystoredb keyword is set in the db2cli.ini,
    db2dsdriver.cfg, or connection string
    
    and
    
    - The SSL_CLNT_STASH DBM CFG parameter is set, or the
    SSLClientKeystash keyword is set in the db2cli.ini,
    db2dsdriver.cfg, or connection string
    

Local fix

  • Use a Keystore DB password instead of a stash file.
    
    Un-set the SSL_CLNT_STASH dbm cfg parameter, or remove the
    SSLClientKeystash keyword from the db2cli.ini, db2dsdriver.cfg,
    or connection string.
    
    Set the SSLClientKeyStoreDBPassword in the db2cli.ini,
    db2dsdriver.cfg, or connection string to allow clients to use
    the keystore DB password instead of the stash file.
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * All DB2 clients on all Linux, Unix and Windows platforms at  *
    * service levels Version 11.1 GA through to Version 11.1.4 Fix *
    * Pack 5                                                       *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * See Error Description                                        *
    ****************************************************************
    * RECOMMENDATION:                                              *
    * Upgrade to DB2 Version 11.1.4 Fix Pack 6 or higher.          *
    ****************************************************************
    

Problem conclusion

  • The complete fix for this problem first appears in DB2 Version
    11.1.4 Fix Pack 6 and all subsequent Fix Packs.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IT34885

  • Reported component name

    DB2 FOR LUW

  • Reported component ID

    DB2FORLUW

  • Reported release

    B10

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2020-11-11

  • Closed date

    2021-03-31

  • Last modified date

    2021-03-31

  • APAR is sysrouted FROM one or more of the following:

    IT34884

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    DB2 FOR LUW

  • Fixed component ID

    DB2FORLUW

Applicable component levels

[{"Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"11.1"}]

Document Information

Modified date:
01 April 2021