IBM Support

MA47987 - LIC-COMM-SSL SYSTEM TLS OCSP STAPLING SUPPORT

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 APAR (Authorized Program Analysis Report)

Abstract

LIC-COMM-SSL SYSTEM TLS OCSP STAPLING SUPPORT

Error Description

IBM i System Transport Layer Security has been enhanced to keep
up with the emerging industry standard for TLSv1.3 and to      
enhance the support for TLSv1.2.                                
                                                               
The native IBM i JSSE provider has been enhanced to include    
support for Transport Layer Security version 1.3 (TLSv1.3)      
protocol.                                                      
TLSv1.3 has been enhanced to support elliptic curve            
Diffie-Hellman key exchange using Curve25519(x25519) and        
Curve448(448)                                                  
TLSv1.2 has been enhanced to support ChaCha20 Poly1305 cipher  
suites.                                                        
Online Certificate Status Protocol (OCSP) stapling support has  
been added to TLSv1.3 and TLSv1.2                              
RSASSA-PSS certificate type has been added to TLSv1.3          

Problem Summary

Please see the ERROR DESCRIPTION section.                      

Problem Conclusion

System TLS has OCSP stapling support now, and can be enabled    
using the GSKit APIs or on application definitions using Digital
Certificate Manager.                                            

Temporary Fix

Comments

Circumvention


PTFs Available

R740 MF66739  0121

Affected Modules


         
         

Affected Publications

Summary Information

Status............................................CLOSED PER
HIPER...........................................No
Component..................................9400DG300
Failing Module..........................RCHMGR
Reported Release...................R740
Duplicate Of..............................




IBM i Support

IBM disclaims all warranties, whether express or implied, including, but not limited to, the implied warranties of merchantability and fitness for a particular purpose. By furnishing this document, IBM grants no licenses to any related patents or copyrights. Copyright © 1996,1997,1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017, 2018, 2019, 2020 IBM Corporation. Any trademarks and product or brand names referenced in this document are the property of their respective owners. Consult the Terms of use link for trademark information

[{"Type":"MASTER","Line of Business":{"code":"LOB57","label":"Power"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SWG60","label":"IBM i"},"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"7.1.0"},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG15Q","label":"APARs - OS\/400 General"},"Component":"","ARM Category":[],"Platform":[{"code":"PF012","label":"IBM i"}],"Version":"V7R4M0","Edition":"","Line of Business":{"code":"","label":""}}]

Document Information

Modified date:
15 May 2020

Page Feedback