IBM Support

PH39355: PEPH35724 SSL SERVER SENDING DEFAULT CERT FOR CLIENT

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When acting as an SSL client, the z/VM SSL server continues to
    send the default certificate when asked,
    This should have been disallowed with APAR PH35724 but is still
    being sent in some cases.
    

Local fix

  • N/A
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED: All users that use the z/VM SSL server       *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    ****************************************************************
    * RECOMMENDATION: APPLY PTF                                    *
    ****************************************************************
    Corrects logic error in z/VM SSL server that allowed for
    a key database's default certificate to be sent when no
    certificate is specified. This is not the intended
    behavior.
    

Problem conclusion

  • A logic error has been fixed so that the default certificate
    will never be sent as the client certificate.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PH39355

  • Reported component name

    TCP/IP FOR Z/VM

  • Reported component ID

    5735FAL00

  • Reported release

    710

  • Status

    CLOSED PER

  • PE

    YesPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2021-07-28

  • Closed date

    2021-09-15

  • Last modified date

    2022-03-28

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UI77154 UI77155

Modules/Macros

  • SSLGSKCF
    

Fix information

  • Fixed component name

    TCP/IP FOR Z/VM

  • Fixed component ID

    5735FAL00

Applicable component levels

  • R710 PSY UI79420

       UP22/02/24 I 1000 {

  • R720 PSY UI79421

       UP22/02/24 P 2201 {

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG27N"},"Platform":[{"code":"PF054","label":"z\/OS"}],"Version":"710"}]

Document Information

Modified date:
29 March 2022