APAR status
Closed as program error.
Error description
On converting users to using Certificate Based Authentication, when a user gets revoked, the ID associated with the certificate, then Host On-Demand (HOD) will continue attempting to make a session. HOD needs to stop attempting to connect when the client certificate is not accepted or is revoked. This HOD impediment to handle matters causes security violations because the user is leaving the HOD up instead of closing the session. There needs to be an option in HOD: an explicit message that alerts the user about the connection refusal due to revocation.
Local fix
Problem summary
When a user gets revoked and the ID associated with the certificate, then Host On-Demand (HOD) will continue attempting to make a session. The Host On-Demand client needs to stop attempting to connect when the client certificate is not accepted or is revoked.
Problem conclusion
Code changes have been made to fix this issue.
Temporary fix
Comments
APAR Information
APAR number
OA67185
Reported component name
HOD MVS
Reported component ID
5733A5900
Reported release
E00
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2024-11-03
Closed date
2025-02-03
Last modified date
2025-02-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
HOD MVS
Fixed component ID
5733A5900
Applicable component levels
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSS9FA","label":"IBM Host On-Demand"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"E00","Line of Business":{"code":"LOB70","label":"Z TPS"}}]
Document Information
Modified date:
04 February 2025