A fix is available
APAR status
Closed as program error.
Error description
When acting as an SSL client, the z/VM SSL server continues to send the default certificate when asked, This should have been disallowed with APAR PH35724 but is still being sent in some cases.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: All users that use the z/VM SSL server * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: APPLY PTF * **************************************************************** Corrects logic error in z/VM SSL server that allowed for a key database's default certificate to be sent when no certificate is specified. This is not the intended behavior.
Problem conclusion
A logic error has been fixed so that the default certificate will never be sent as the client certificate.
Temporary fix
Comments
APAR Information
APAR number
PH39355
Reported component name
TCP/IP FOR Z/VM
Reported component ID
5735FAL00
Reported release
710
Status
CLOSED PER
PE
YesPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2021-07-28
Closed date
2021-09-15
Last modified date
2022-03-28
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UI77154 UI77155
Modules/Macros
SSLGSKCF
Fix information
Fixed component name
TCP/IP FOR Z/VM
Fixed component ID
5735FAL00
Applicable component levels
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG27N"},"Platform":[{"code":"PF054","label":"z\/OS"}],"Version":"710"}]
Document Information
Modified date:
29 March 2022