IBM Support

JR53424: SUPPORTED CIPHER SUITES CONFIGURED ON SSL CONFIG ARE NOT PROPAGATED TO THE HTTP IMPORT BINDING

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • If you change the cipher suites in the administrative console
    (by selecting Security > SSL certificate and key management >
    SSL certificate and key management > SSL configurations > <SSL
    configuration name> > Quality of protection (QoP) settings)
    and create a HTTP import binding in your SCA module, you see
    that the HTTP import binding does not use the changed cipher
    suites. The default cipher suites are used.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  IBM Business Process Manager (BPM)          *
    *                  Advanced                                    *
    ****************************************************************
    * PROBLEM DESCRIPTION: If you change the cipher suites in      *
    *                      the administrative console (by          *
    *                      selecting Security > SSL certificate    *
    *                      and key management > SSL certificate    *
    *                      and key management > SSL                *
    *                      configurations > <SSL configuration     *
    *                      name> > Quality of protection (QoP)     *
    *                      settings) and create a HTTP import      *
    *                      binding in your SCA module, you see     *
    *                      that the HTTP import binding does not   *
    *                      use the changed cipher suites. The      *
    *                      default cipher suites are used.         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    The HTTP import binding component dose not retrieve the
    configured cipher suites when it sends out the HTTPS request.
    

Problem conclusion

  • A fix is available for IBM BPM V8.5.6.0 that ensures the HTTP
    import binding component retrieves and uses the configured
    cipher suites when it sends out the HTTPS request.
    
    On Fix Central (http://www.ibm.com/support/fixcentral), search
    for JR53424:
    
    1. Select IBM Business Process Manager with your edition from
    the product selector, the installed version to the fix pack
    level, and your platform, and then click Continue.
    2. Select APAR or SPR, enter JR53424, and click Continue.
    
    When you download fix packages, ensure that you also download
    the readme file for each fix. Review each readme file for
    additional installation instructions and information about the
    fix.
    

Temporary fix

Comments

APAR Information

  • APAR number

    JR53424

  • Reported component name

    BPM ADVANCED

  • Reported component ID

    5725C9400

  • Reported release

    856

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2015-05-21

  • Closed date

    2015-08-05

  • Last modified date

    2015-08-05

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    BPM ADVANCED

  • Fixed component ID

    5725C9400

Applicable component levels

  • R800 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSFTN5","label":"IBM Business Process Manager Advanced"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"856","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
05 August 2015