APAR status
Closed as program error.
Error description
IHS does not allow individual elliptic curves used in ECDHE key exchange to be disabled/enabled.
Local fix
Add the following line to the httpd.conf within the same context as your SSLEnable statement to enable x448 EC (0030): SSLAttributeSet 230 "00300029002300240025" BUFF SSLAttributeSet causes IHS to make System SSL API calls after all of the IHS defaults and other directives have setup the System SSL environment.
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM HTTP Server (IHS) * **************************************************************** * PROBLEM DESCRIPTION: IHS does not allow TLS curves used in * * ECDHE key exchange to be customized. * **************************************************************** * RECOMMENDATION: * **************************************************************** When ECDHE key exchange is used, beyond agreeing on a protocol version and cipher, both sides of a TLS connection have to agree on a "curve" (or "group" in TLS 1.3) that is used as input into the key exchange that protects later secrets. Additionally, IHS on z/OS uses secp224r1 and secp192r1 on for TLSv12, but some scanners may flag these as "weak".
Problem conclusion
This APAR adds the "SSLSupportedCurves" directives to IHS which controls the Elliptic Curves used during ECDHE key exchange. This APAR also changes the default curves used for TLSv12 on z/OS. Syntax: SSLSupportedCurves TLSv12[1]|TLSv13 <curve-list> Syntax Notes: 1. On distributed platforms, TLSv12 cannot be customized with this directive, only TLSv13 can be customized. ## defaults TLSv12 default : secp256r1, secp384r1, secp521r1 *[see note 1] TLSv13 default : x25519, secp256r1, secp384r1, secp521r1, x448* Notes: 1. PH51678 (this APAR) removes secp224r1 and secp192r1 from the zOS defaults 2. PH39992 removed x25519 and x448 from s390/s390x linux defaults 3. x448 is not enabled by default on zOS. ## curve-list On z/OS, <curve> list is a series of 4-digit identifiers with no separator. https://www.ibm.com/docs/en/zos/2.5.0?topic= programming-cipher-suite-definitions#csdcwh__tttcsd On other operating systems, <curve-list> is a comma-separated list from: GSK_TLS_SUPPORTED_GROUP_ECDHE_X25519 GSK_TLS_SUPPORTED_GROUP_ECDHE_SECP256R1 GSK_TLS_SUPPORTED_GROUP_ECDHE_SECP384R1 GSK_TLS_SUPPORTED_GROUP_ECDHE_SECP521R1 GSK_TLS_SUPPORTED_GROUP_ECDHE_X448 ## examples # zOS: add x25519 to defaults for TLSv12 SSLSupportedCurves TLSv12 0029002300240025 # zOS: add x448 to the end of defaults SSLSupportedCurves TLSv13 00290023002400250030 # Linux, AIX, Windows: use only secp384r1 and secp521r1 SSLSupportedCurves TLSv13 \ GSK_TLS_SUPPORTED_GROUP_ECDHE_SECP384R1 \ GSK_TLS_SUPPORTED_GROUP_ECDHE_SECP521R1 Prior to the availability of the fix, curves can be configured o with the following style of Apache configuration: # GSK_SERVER_ALLOWED_KEX_ECURVES TLS 1.2 SSLAttributeSet 230 "00300029002300240025" BUFF # GSK_SERVER_TLS_KEY_SHARES TLS 1.3 SSLAttributeSet 227 "00300029002300240025" BUFF The fix for this APAR is targeted for inclusion in IHS fix pack 9.0.5.16. https://www.ibm.com/support/pages/node/715553
Temporary fix
Comments
APAR Information
APAR number
PH51678
Reported component name
WAS IHS ZOS
Reported component ID
5655I3510
Reported release
900
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2023-01-03
Closed date
2023-02-10
Last modified date
2025-05-29
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WAS IHS ZOS
Fixed component ID
5655I3510
Applicable component levels
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SS7K4U","label":"WebSphere Application Server for z\/OS"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.0.0.0","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
Document Information
Modified date:
30 May 2025