IBM Support

IC54923: AE IC54164 FIX COMPLETION

Fixes are available

Personal Communications 5.9.7
Personal Communications 5.9.6

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Customer running PCOM5.9.1 on Windows O.S. Vista and they're not
able to establish a TN3270 connection.  The following error
appears "The client and server can't communicate because they do
not posses a common algorithm.

Local fix

  • 



Problem summary


    

  • ****************************************************************
* USERS AFFECTED: Users of Telnet3270 secure connection using  *
*                 Microsoft CryptoAPI (MSCAPI) as security     *
*                 package.                                     *
****************************************************************
* PROBLEM DESCRIPTION: User is not able to establish a SSL     *
*                      connection using MSCAPI on Windows      *
*                      VISTA operating system.                 *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
Error occurs because of changes made in Windows MSCAPI module
Secure32.dll on Windows VISTA. AcquireCredentialsHandle() API
fails with error SEC_E_ALGORITHM_MISMATCH which means "The
client and server cannot communicate, because they do not
possess a common algorithm.".

    



Problem conclusion


    

  • Solution is to to set the default values for members in
SCHANNEL_CRED structure to Acquire credential Handle.
The default behavior of Schannel Windows implementation is to
validate the CA certificate automatically.
Personal Communications implements automatic CA certificate
validation. This is the preferred option as it allows Windows
to perform the default checking for server authentication
certificate. For the connection to succeed with automatic
validation, CA certificate needs to be installed under
"Trusted Root Certification Authorities" certificate store in
mmc snap-in on the machine where Personal Communications is
running.

PCSMSSEC.DLL has been changed to correct this problem.

See Manufacturing Refresh 7 document for fix details:

http://www.ibm.com/support/docview.wss?uid=swg24027576

    



Temporary fix


    

  • pcsmssec.dll

    



Comments


    

  • 



APAR Information




    

  • APAR number
    IC54923
    • 

  • Reported component name
    PCOMM V5 COMBO-
    • 

  • Reported component ID
    5639I7000
    • 

  • Reported release
    590
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt
    • 

  • Submitted date
    2008-01-15
    • 

  • Closed date
    2008-02-28
    • 

  • Last modified date
    2012-04-26
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    PCOMM V5 COMBO-
    • 

  • Fixed component ID
    5639I7000
    • 



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSEQ5Y","label":"Personal Communications"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.9","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            08 January 2022
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback