APAR status
Closed as new function.
Error description
When an expired cert is allowed with é ÁSSLClientAuthVerify OFF it is not possible to retrieve the certificate details.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: Users of IBM HTTP Server 9.0 * **************************************************************** * PROBLEM DESCRIPTION: Improvements needed for expired * * certificates with * * é ÁSSLClientAuthVerify OFF é Á **************************************************************** * RECOMMENDATION: Apply this fix if using * * é ÁSSLClientAuthVerify OFF é Á **************************************************************** 'SSLCLientAuth optional noverify' is extended with optional additional parameters noverify_allow_expired and noverify_record_expired. * noverify_allow_expired allows certificates or certificate chains with expired certificates to be accepted as valid. * noverify_record_expired adds all certificate details to internal variables referenced by other parts of the server, but still subjects requests on this connection to SSLClientAuthVerify checks.
Problem conclusion
Additional optional parameters were added for use when é ÁSSLClientAuthVerify OFF é Á is set. This fix is targeted for IBM HTTP Server fix packs: - 9.0.5.4 For more information, see 'Recommended Updates for WebSphere Application Server': http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
Temporary fix
Comments
APAR Information
APAR number
PH23397
Reported component name
IBM HTTP SERVER
Reported component ID
5724J0801
Reported release
900
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-03-18
Closed date
2020-05-05
Last modified date
2020-05-05
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
IBM HTTP SERVER
Fixed component ID
5724J0801
Applicable component levels
R900 PSY
UP
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.0"}]
Document Information
Modified date:
07 September 2022