APAR status
Closed as fixed if next.
Error description
When rendering a report containing images referenced by absolute HTTPS URL to PDF, CA fails to retrieve the images if the server hosting the images is supporting TLS1.2 and is strictly RFC 5246 compliant and uses a non-SHA1 signature on its server certificate. This is caused by CA NOT sending the signature_algorithms extension in ClientHello. This will cause strict implementations of TLS1.2 RFC 5246 to conclude that the client only supports SHA1 and RSA signature algorithms and hence the server will close the connection instantly as it is deemed incompatible.
Local fix
- Disable TLS 1.2 on the IIS. TLS1.1 does not enforce the signature-algorithms extension - Do not use IIS - insert SSL terminating proxy, which uses TLS1.1 to talk to IIS - copy images to APPTiers (ref. "Resolving images")
Problem summary
**************************************************************** * USERS AFFECTED: * * All Users * * * **************************************************************** * PROBLEM DESCRIPTION: * * See Error Description * * * **************************************************************** * RECOMMENDATION: * * Upgrade to IBM Cognos Analytics 11.1.2 * ****************************************************************
Problem conclusion
Temporary fix
Comments
APAR Information
APAR number
PH04951
Reported component name
COG REPORT STUD
Reported component ID
5724W12RS
Reported release
B0A
Status
CLOSED FIN
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2018-11-06
Closed date
2019-06-05
Last modified date
2019-06-05
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSCHNWW","label":"Report Authoring v11x"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"B0A","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
05 June 2019