PQ76269: LDAP SERVER FAILS AFTER MIGRATION TO Z/OS 1.4 WITH SSL ERROR.

 A fix may be available

Obtain the fix for this APAR



APAR status
Closed as program error.

Error description
After migration to z/OS 1.4, LDAP server fails to start.  Errors
indicate problems with setting up secure connection/port, but
non-secure connection for LDAP was used on earlier release of
z/OS, or non-secure connection is intended to be used right now.
Possible errors include abend U4083 proceeded by abend S0C4 for
a thread that is attempting to setup secure connection/port
The reason for attempting to config secure connection is because
bboslapd.conf file includes the following variable, where
keyring.kyr file is not set up:
.
sslKeyRingFile  keyring.kyr
.
Because of LDAP on z/OS 1.4 provides new SSL/TLS support,
this variable should not be specified if non-secure connection
only is attempted.
.
WebSphere customization job that creates default
bboslpad.conf file needs to be modified.
Local fix
In your ldap configuration file (bboslapd.conf), modify the
following variable and set it to 'none':
.
sslKeyRingFile none
.
OR
From bboslpad.conf file, remove or comment-out the variables
that are needed only if secure connection is used.  The
variables include:
.
securePort 636
security none
sslCertificate  none
sslKeyRingFile  keyring.kyr
sslKeyRingFilePW none
sslCipherSpecs 12288
Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 version 4.0.1 for z/OS and OS/390            *
****************************************************************
* PROBLEM DESCRIPTION: LDAP server fails after migration to    *
*                      z/OS 1.4 with ssl error.                *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
After migration to z/OS 1.4, LDAP server fails to start.
Errors indicate problems with setting up secure
connection/port, but non-secure connection for LDAP was used on
earlier release of z/OS, or non-secure connection is intended
to be used right now.  Possible errors include abend U4083
proceeded by abend S0C4 for a thread that is attempting to
setup secure connection/port.

The reason for attempting to config secure connection is
because bboslapd.conf file includes the following variable,
where keyring.kyr file is not set up:
   sslKeyRingFile  keyring.kyr
Because of LDAP on z/OS 1.4 provides new SSL/TLS support,
this variable should not be specified if non-secure connection
only is attempted.

Fix: WebSphere customization job that creates default
     bboslapd.conf file needs to be modified to delete
     the variables:
         securePort
         security
         sslCertificate
         sslKeyRingFile
         sslKeyRingFilePW
         sslCipherSpecs
Problem conclusion
Dialog skeleton file for bboslapd.conf will be updated so that
LDAP servers will start without SSL errors.

APAR PQ76269 is associated with SERVICE LEVEL W401600 of
WebSphere Application Server version 4.0.1 for z/OS and OS/390.
Temporary fix Comments
APAR information
APAR number PQ76269
Reported component name WASKBASE
Reported component ID 5655A9801
Reported release 401
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Submitted date 2003-07-11
Closed date 2003-09-03
Last modified date 2006-02-28

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:
UQ79890

Modules/Macros
BBOAPCEI BBOAPCWI BBOAPIAI BBOAPIOI BBOAPXLI BBOAXCEI
BBOAXIAI BBOBOA BBOCASHS BBOCASYD BBOCASYH BBOCASYN
BBOCASYS BBOCCFMT BBOCEIOP BBOCHSES BBOCHSSS BBOCHTTP
BBOCLSAC BBOCLSCC BBOCLSCR BBOCLSES BBOCLSPC BBOCLSSA
BBOCLSSR BBOCLSSS BBOCLSUE BBOCLSUR BBOCMIOR BBOCNDMN
BBOCOMM BBOCORBA BBOCPFMT BBOCPOCB BBOCRDTA BBOCSESS
BBOCSMGR BBOCSMHS BBOCSMRH BBOCSMRI BBOCSMRL BBOCSMRP
BBOCSMRS BBOCSSES BBOCWBAL BBOCWBRT BBOCWSMP BBODASRC
BBODASRF BBODASRP BBODASRQ BBODASRS BBODASRU BBODBDLD
BBODBGVT BBODDAUT BBODENFL BBODMN BBODPCCR BBODRDTA
BBODSDRG BBODSREG BBOFAPPS BBOFDBC BBOFRCGD BBOFRCGS
BBOIAPPS BBOIBOIM BBOIBTO BBOIDRMI BBOIGTID BBOIHCOI
BBOIHDOI BBOIIMA BBOIIMC BBOIIMLI BBOIIMS BBOIKEYS
BBOILEI BBOILOCK BBOILPCI BBOILPI BBOILSEI BBOILSMI
BBOIMOI BBOIMORI BBOIPOOL BBOIRDB BBOIRDBI BBOIROOT
BBOIRSCN BBOISOI BBOISTOR BBOITLS BBOITMLI BBOI3PLI
BBOJBOUI BBOJJU BBOJSBDA BBOLORB BBOLRT BBOLSREQ
BBOLSS BBOLSVNM BBOLSYS BBOMAPPS BBOMBOOT BBOMCDM
BBOMDDLI BBOMDDLO BBOMDDLV BBOMDDLX BBOMDDLZ BBOMENV
BBOMGADM BBOMGSCO BBOMHFSM BBOMIBO BBOMIB02 BBOMIB06
BBOMIB10 BBOMIB15 BBOMIB19 BBOMIB23 BBOMIB27 BBOMIB33
BBOMIB37 BBOMIB41 BBOMIB45 BBOMIB48 BBOMIB58 BBOMIB62
BBOMIB64 BBOMIB66 BBOMIB68 BBOMIB70 BBOMIB80 BBOMIB81
BBOMIB82 BBOMIB83 BBOMIB84 BBOMIB85 BBOMIB86 BBOMICP
BBOMIDO BBOMID06 BBOMID10 BBOMID33 BBOMIEVA BBOMIMEX
BBOMIMRI BBOMPROC BBOMRDO BBOMSBO BBOMSBOI BBOMSBO1
BBOMSBO2 BBOMSBO3 BBOMSBO4 BBOMSBO5 BBOMSBO6 BBOMSBO7
BBOMSBO8 BBOMSCO BBOMSCOX BBOMSCP BBOMSCSR BBOMSDO
BBOMSD90 BBOMSMS BBOMSVSA BBOMSYSI BBOMUTIL BBOOAACI
BBOOABM BBOOACCI BBOOACQE BBOOACQW BBOOACRT BBOOAET
BBOOAGEN BBOOAGEV BBOOAIM BBOOAIMR BBOOAIMS BBOOAMR
BBOOAPBC BBOOAPCI BBOOARCI BBOOARMR BBOOARMW BBOOAS1
BBOOAS2 BBOOAS3 BBOOAS4 BBOOAS5 BBOOBDLD BBOOBIND
BBOOBOAI BBOOBOAM BBOOBOAT BBOOBOKC BBOOBSA BBOOCBG
BBOOCM BBOOCOMH BBOOCOMM BBOOCRHT BBOOCSIT BBOOCSM
BBOOCSTP BBOOCTL BBOOCVN BBOODCTX BBOODGAI BBOODGCA
BBOODQCA BBOODQEB BBOODRAI BBOODSAB BBOODSM BBOOEJSB
BBOOEQGQ BBOOEVAS BBOOGCOD BBOOGSCO BBOOGSVD BBOOGTID
BBOOHA BBOOIMPR BBOOIREQ BBOOJORB BBOOMODF BBOOOBJ
BBOOOPI BBOOOPIP BBOOOPIX BBOOORB BBOOORBP BBOOORBR
BBOOORBX BBOOORRG BBOOORSA BBOOORSF BBOOOUTP BBOOPCCR
BBOOPDGI BBOORB BBOORCTX BBOORDTA BBOOREQ BBOORIRI
BBOOROBJ BBOOSBND BBOOSBOA BBOOSCHD BBOOSCTX BBOOSDCT
BBOOSISA BBOOSMF BBOOSMFC BBOOSMFJ BBOOSMFP BBOOSMFR
BBOOSMFT BBOOSMFW BBOOSMOI BBOOSOUT BBOOSPST BBOOSR
BBOOSRAB BBOOSRBF BBOOSRM BBOOSRQA BBOOSRQF BBOOSRR
BBOOSRWT BBOOSS BBOOSSMF BBOOSSNQ BBOOSSQA BBOOSSRR
BBOOSSTP BBOOSUBD BBOOSWRK BBOOTCLN BBOOTMOT BBOOTMQ
BBOOTMQE BBOOTMSA BBOOTMTM BBOOTMTR BBOOTRD BBOOTTI
BBOOTTIP BBOOTTIX BBOOUBND BBOOWCSA BBOOWORK BBOPAPPS
BBOPBO BBOPBSC BBOPCH BBOPCO BBOPDO BBOPPK
BBORABND BBORADMP BBORARM BBORAS BBORBACB BBORBGVT
BBORBOAM BBORCARM BBORDATA BBORDATU BBORDEQ BBORDMSG
BBORDTF BBORENQ BBOREXIT BBORFRES BBORFRR BBORGETS
BBORJRAS BBORJSRV BBORLCRM BBORLEXT BBORLOG BBORMCDP
BBORMCDX BBOROBML BBOROBMS BBOROMDL BBOROOPI BBOROSMD
BBOROTTI BBORPTRC BBORRDTA BBORRMC BBORRMGR BBORSDMP
BBORSLOG BBORTBUF BBORTDF1 BBORTDF2 BBORTDL1 BBORTDL2
BBORTIME BBORTO BBORTRCD BBORTSRB BBORTSSX BBORTWRT
BBOSEBL BBOSEC BBOSEXSI BBOSEXT BBOSLAPP BBOSLDO
BBOSLHM BBOSLHMI BBOSLLO BBOSLMO BBOSLPK BBOSLRL
BBOSLSO BBOSLUT BBOSM BBOSNAPP BBOSNCO BBOSNDO
BBOSNFED BBOSNLN BBOSNMO BBOSNNSJ BBOSNPK BBOSNSM
BBOSNSS BBOSQAPP BBOSQRDB BBOSQXKI BBOSQ03 BBOSSACE
BBOSSACX BBOSSCCA BBOSSCLB BBOSSCOB BBOSSCTX BBOSSC1I
BBOSSC2I BBOSSDB2 BBOSSDMA BBOSSECM BBOSSESS BBOSSEXT
BBOSSGSK BBOSSINI BBOSSIOR BBOSSITP BBOSSITU BBOSSKMA
BBOSSKUT BBOSSMEP BBOSSMET BBOSSOUT BBOSSRIB BBOSSRPW
BBOSSRPX BBOSSRVA BBOSSSKR BBOSTMI BBOSTOI BBOSTXI
BBOTAPPS BBOTCOLB BBOTETCD BBOTIF BBOTLRAC BBOTMSTR
BBOTOTS BBOTOTSJ BBOTOTS2 BBOTREB BBOTRI BBOTRIS
BBOTRNX BBOTRPCX BBOTRRM BBOTSRA BBOTSRM BBOTSUR
BBOTSURS BBOTSUW BBOTSUWD BBOTTBCU BBOTTCN BBOTTCR
BBOTTCU BBOTTDEL BBOTTF BBOTTIDF BBOTTJCU BBOTTLS
BBOTTM BBOTTMCI BBOTTMCR BBOTTMM BBOTTMPC BBOTTMPS
BBOTTMSR BBOTTRC BBOTTRS BBOTTSCU BBOTTSR BBOTTSVC
BBOTTSYI BBOTTTR BBOTTZZZ BBOUENUS BBOUMSEN BBOUMSG
BBOUSCRW BBOUTHRD BBOUWTO BBOWCPYR BBOWSLPT BBOZ0244
BBOZ0247 BBOZ0279 BBOZ0689 BBOZ0706 BBOZ0766 BBOZ0773
BBOZ0784 BBOZ0801 BBOZ0910 BBOZ0911 BBOZ0912 BBOZ0913
BBOZ0914 BBOZ0915 BBOZ0916 BBOZ0917 BBOZ0918 BBOZ0919
BBOZ0920 BBOZ0921 BBOZ0922 BBOZ0923 BBOZ0924 BBOZ0925
BBOZ0926 BBOZ0927 BBOZ0928 BBOZ0929 BBOZ0930 BBOZ0931
BBOZ0932 BBOZ0933 BBOZ0942 BBOZ0947 BBOZ0954 BBOZ0955
BBOZ0956 BBOZ0957 BBOZ0958 BBOZ0959 BBOZ0960 BBOZ0961
BBOZ0962 BBOZ0963 BBOZ0964 BBOZ0965 BBOZ0966 BBOZ0967
BBOZ0968 BBOZ0976 BBOZ0988 BBOZ0998 BBOZ0999 BBOZ1000
BBOZ1001 BBOZ1002 BBO3ACEE BBO3BEGC BBO3CTXM BBO3CTXP
BBO3CTXX BBO3ENDC BBO3ENQP BBO3ENQS BBO3FRES BBO3GETS
BBO3MVS BBO3PCBA BBO3PCBT BBO3SBCC BBO3SBCP BBO3SETS
BBO3SRVP BBO3SSAF BBO3SSFP BBO3STMR BBO3SWCH  

Fix information
Fixed component name WASKBASE
Fixed component ID 5655A9801

Applicable component levels
R401 PSY UQ79890    UP03/09/17 P F309

  Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ76269
IBM Group: Software Group
Modified date: Feb 28, 2006