Fixes are available
APAR status
Closed as program error.
Error description
TG not start if TLS CIPHER in the protocol sssl.handler, getting this error CTG6525E Unable to start handler for the ssl: protocol, port:3100, because: Ýjava.lang.IllegalArgumentException: CTG6495E No cipher suites available for use by SSL connection~
Local fix
yes
Problem summary
IBM JSSE doesn't distinguish between SSL and TLS prefix in the name of the cipher suites. CICS TG filters the enabled cipher suites that are configured by comparing it with cipher suites listed provided by IBM JSSE's getSupportedCipherSuites implementation. Since this method does not list TLS prefixed cipher suites, CICS TG throws the error "CTG6495E No cipher suites available for use by SSL connection".
Problem conclusion
As IBM JSSE implementation supports both SSL and TLS prefixed cipher suites, CICS TG is enabled to handle TLS prefixed cipher suites as the supported cipher suites for the connection
Temporary fix
Comments
APAR Information
APAR number
PH20441
Reported component name
CICS TRNS GATE
Reported component ID
5724I8103
Reported release
910
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2019-12-18
Closed date
2023-07-05
Last modified date
2023-07-05
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
CICS TRNS GATE
Fixed component ID
5724I8103
Applicable component levels
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMJ2","label":"CICS Transaction Gateway"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.1","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
05 July 2023