IBM Support

IY59615: pdmgrd will ignore ca-cert-download-enabled

Direct links to fixes

5.1.0-TIV-TAM-IF0043-WIN
5.1.0-TIV-TAM-IF0043-LIN
5.1.0-TIV-TAM-IF0043-PPC
5.1.0-TIV-TAM-IF0043-SOL
5.1.0-TIV-TAM-IF0043-S390
5.1.0-TIV-TAM-IF0043-HP
5.1.0-TIV-TAM-IF0043-AIX
Tivoli Access Manager for e-business Base 5.1, Patch 5.1.0-TIV-TAM-FP0041
Tivoli Access Manager for e-business Base 5.1, Patch 5.1.0-TIV-TAM-FP0042
Tivoli Access Manager for e-business Base 5.1, Patch 5.1.0-TIV-TAM-FP0039

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as documentation error.

Error description

  • ENV : Access Manager 5.1

According to AM 5.1 Base Administrators Guide page 276,
ca-cert-download-enabled functionality is supported.
But ca-cert-download-enabled parameter seemed to be no effect.
This is the response from L3:
----------------------------------------------------------------
The behavior changed for the server from the 4.1 to 5.1 release,
since it was deemed that there's no security problem with the
server providing its certificate if so requested. It us up to
the client to determine how it wants to acquire the server's
certificate.
It is up to you if you want to open an APAR, but if you do, open
it against the pubs for AM 5.1, since we will have to document
that the server always provides his certificate, ignoring the
configuration setting.
----------------------------------------------------------------
We need to correct the base admin guide to tell the customer
that ca-cert-download-enabled will ignore by pdmgrd on AM5.1.

Local fix

  • 



Problem summary


    

  • See problem description.

    



Problem conclusion


    

  • Following information has been added to the README:

7.24 pdmgrd will ignore ca-cert-download-enabled

pdmgrd always allows CA certificate download,
it is up to the client application to allow
downloading of the certificate.


This is documented in the README for 5.1.0-TIV-TAM-FP0006.

    



Temporary fix


    

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IY59615
    • 

  • Reported component name
    ACCESS MGR E-BU
    • 

  • Reported component ID
    5724C0800
    • 

  • Reported release
    510
    • 

  • Status
    CLOSED  DOC
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2004-07-29
    • 

  • Closed date
    2004-09-30
    • 

  • Last modified date
    2004-09-30
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSPREK","label":"IBM Security Access Manager for Web"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"510","Line of Business":{"code":"LOB24","label":"Security Software"}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            13 November 2021
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback