IBM Support

PH39955: FILE MANAGER NEW CONFIGURATION PARAMETER TO SPECIFY CERTIFICATE TRUST KEY STORE

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as new function.

Error description

  • File Manager New configuration parameter to specify certificate
    trust key store
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED: All File Manager users.                      *
    ****************************************************************
    * PROBLEM DESCRIPTION: File Manager does not have an option to *
    *                      specify a certificate trust key store   *
    *                      for validating remote services          *
    *                      connections. By default it only checks  *
    *                      the local host's SITE certificates when *
    *                      validating a remote host's certificate  *
    *                      during SSL/TLS handshake.               *
    ****************************************************************
    * RECOMMENDATION: Apply the PTF provided.                      *
    ****************************************************************
    File Manager remote services connects to remote systems using
    the ADFzCC common server. When the common server is configured
    for SSL/TLS, the local File Manager system validates the remote
    host's certificate by checking for its CA in local SITE
    certificates. This is a problem when the relevant CA certificate
    is not registered as a SITE certificate. To resolve this, the
    name of the key store for checking certificate trust needs to be
    configurable.
    File Manager has been modified to accept a new option CERTRUST.
    This is for specifying a certificate trust key store and will
    be used for SSL/TLS handshake for File Manager remote services
    connections. If not specified, the default validation for
    certificate trust will continue to be checked against the local
    host's SITE certificates.
    

Problem conclusion

Temporary fix

Comments

  • File Manager has been modified to accept a new option CERTRUST.
    This is for specifying a certificate trust key store and will
    be used for SSL/TLS handshake for File Manager remote services
    connections. If not specified, the default validation for
    certificate trust will continue to be checked against the local
    host's SITE certificates.
    

APAR Information

  • APAR number

    PH39955

  • Reported component name

    FILE MANAGER Z/

  • Reported component ID

    5655Q4200

  • Reported release

    E10

  • Status

    CLOSED UR1

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2021-08-18

  • Closed date

    2021-09-23

  • Last modified date

    2021-10-01

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • FMN$$CPJ FMN$$CPK FMN0LVL  FMN0LVLJ FMN0LVLK FMN0MENU FMN0MJPN
    FMN0MKOR FMN0PARM FMN0POE1 FMN0POE2 FMN0POE3 FMN0POPI FMN0POPT
    FMN0PWN1 FMN0PWN2 FMN0PWN3 FMN1$CPJ FMN1$CPK FMN1ASMX FMN1CAT
    FMN1CMDS FMN1CPYR FMN1DLI  FMN1FBPD FMN1FEB1 FMN1FFOR FMN1FIX1
    FMN1FPR1 FMN1FSSD FMN1FTAD FMN1FTEX FMN1FUDB FMN1FUL  FMN1FUNS
    FMN1FUSC FMN1FUSD FMN1FUSS FMN1FUTC FMN1FUTP FMN1FXSC FMN1IMSB
    FMN1LVL  FMN1LVLJ FMN1LVLK FMN1MENU FMN1MJPN FMN1MKOR FMN1PAB1
    FMN1PAB2 FMN1PAB3 FMN1PAB4 FMN1PARM FMN1PC3  FMN1PC4  FMN1PC5
    FMN1PCBF FMN1PCDU FMN1PCLN FMN1PCOM FMN1PCRC FMN1PCSG FMN1PCUP
    FMN1PED  FMN1PED1 FMN1PEDR FMN1PEDZ FMN1PHDZ FMN1PICU FMN1PIVU
    FMN1PLU0 FMN1PNWS FMN1POPD FMN1POPI FMN1POPT FMN1PPU0 FMN1PSCB
    FMN1PSET FMN1PSI3 FMN1PSI4 FMN1PSSD FMN1PSSS FMN1PSTP FMN1PT3
    FMN1PT4  FMN1PT5  FMN1PTDU FMN1PTUT FMN1PUTL FMN1PV1  FMN1PV3
    FMN1PV4  FMN1PV5  FMN1PVBF FMN1PVDU FMN1PVRC FMN1PVSG FMN1PVUP
    FMN1PX1  FMN1RBR9 FMN1RCLN FMN1RCPX FMN1RCRS FMN1RCU3 FMN1RCUS
    FMN1RED9 FMN1RICU FMN1RIVU FMN1RLR1 FMN1RLR2 FMN1RLR3 FMN1RTPL
    FMN1RTPX FMN1RTU3 FMN1RTUS FMN1RVPX FMN1RVU3 FMN1RVUS FMN1RVWS
    FMN1RXCD FMN1RXNE FMN1RXR0 FMN1RXR1 FMN1RXTO FMN1ST00 FMN1SXT
    FMN1XGLL FMN1XGLX FMN2ACO  FMN2ACS  FMN2ADIE FMN2ADIN FMN2AGD
    FMN2APM  FMN2APR  FMN2ARM  FMN2ARP  FMN2ARR  FMN2ARS  FMN2ART
    FMN2ARY  FMN2ASL  FMN2ASQ  FMN2ASW  FMN2AZP  FMN2BN0K FMN2BN1K
    FMN2BN2K FMN2BN9K FMN2CPYB FMN2CPYR FMN2D2I8 FMN2D2IA FMN2D2IB
    FMN2D2IC FMN2D2JA FMN2D2JB FMN2D2JC FMN2DATA FMN2DENP FMN2DENU
    FMN2DJPN FMN2DKOR FMN2ERRK FMN2FBKE FMN2FBKN FMN2FBKZ FMN2FBLM
    FMN2FBLR FMN2FCQ6 FMN2FDBX FMN2FDTF FMN2FDX2 FMN2FE33 FMN2FE34
    FMN2FE4B FMN2FRCJ FMN2FRCM FMN2FRNO FMN2FSCR FMN2FTAD FMN2FTEX
    FMN2FTMF FMN2FTU2 FMN2FXGC FMN2GEN  FMN2GV20 FMN2GV21 FMN2GV22
    FMN2GV29 FMN2LVL  FMN2LVLJ FMN2LVLK FMN2MENU FMN2MJPN FMN2MKOR
    FMN2MSG  FMN2MSGT FMN2P0KB FMN2P0KR FMN2P0PB FMN2P0PR FMN2P1KB
    FMN2P1KR FMN2P1PB FMN2P1PR FMN2P2KB FMN2P2KR FMN2P2PB FMN2P2PR
    FMN2PARM FMN2PCLN FMN2PCOP FMN2PCPO FMN2PD2E FMN2PDBP FMN2PEO1
    FMN2PEO2 FMN2PEO3 FMN2PEO4 FMN2PEO5 FMN2PEO6 FMN2PEO7 FMN2PEO8
    FMN2PEXO FMN2PIMI FMN2PIMO FMN2PNWS FMN2POAC FMN2POKB FMN2POKR
    FMN2POL  FMN2POLK FMN2POLP FMN2POPB FMN2POPH FMN2POPI FMN2POPR
    FMN2POPT FMN2POTL FMN2PPO1 FMN2PRD2 FMN2PRD4 FMN2PRS4 FMN2PSO2
    

Fix information

  • Fixed component name

    FILE MANAGER Z/

  • Fixed component ID

    5655Q4200

Applicable component levels

  • RE10 PSY UI77276

       UP21/09/29 P F109

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Line of Business":{"code":"LOB35","label":"Mainframe SW"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSXJAV","label":"File Manager for z\/OS"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"E10"}]

Document Information

Modified date:
02 October 2021