APAR status
Closed as program error.
Error description
The WebSphere administrative console gives the option to choose
a specific SSL encryption cipher for an SSL repertoire. One such
option is triple DES and this is represented by choosing:
.
SSL_RSA_WITH_3DES_EDE_CBC_SHA
.
Currently if this is chosen, WebSphere is not correctly setting
this to be the encryption cipher. This leads to a different
cipher to be used for encryption.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server v6.0.2 *
* customers. *
****************************************************************
* PROBLEM DESCRIPTION: Cipher suites configured for SSL *
* connections via the Administrative *
* Console are saved properly but other *
* ciphers not selected may also be *
* permitted for use at runtime. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
Even though a specific cipher suite (or suites) may be
configured for an SSL connection using the Administrative
Console, the server may allow use of other ciphers which are not
configured. There is no error indicating that this has occurred
and can be verified only via tracing or browser inspection.
Problem conclusion
Code is modified to correctly activate the configured cipher
suite(s).
APAR PK32676 is currently targeted for inclusion in Service
Level (Fix Pack) 6.0.2.19 of WebSphere Application Server V6.0.1
for z/OS.
Temporary fix Comments
APAR information |
APAR number |
PK32676 |
Reported component name |
WEBSPHERE FOR Z |
Reported component ID |
5655I3500 |
Reported release |
601 |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2006-10-10 |
Closed date |
2007-03-29 |
Last modified date |
2007-06-05 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
|
Fix information |
Fixed component name |
WEBSPHERE FOR Z |
Fixed component ID |
5655I3500 |
Applicable component levels |
R500 PSN |
UP |
R601 PSY UK24272 |
UP07/05/02 P F705 |
R610 PSN |
UP |
Fix is available |
Select the PTF appropriate for your component level. You will be
required to sign in. Distribution on physical media is not available in
all countries. |
|