PQ71372: CONTROL REGION ABENDS BECAUSE GSKSSL DLL CANNOT BE FOUND WHEN AN SSL REQUEST IS SENT TO A SERVER NOT CONFIGURED FOR SSL | |||||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description If a server is not configured for SSL, the control region still listens for SSL requests on threads started at initialization time, CR_SSLHSInWorkRoutine. If an SSL request is received but SGSKLOAD is not in STEPLIB for the server or in LNKLST, the control region will abend because of the failure to find DLL GSKSSL. The following message will be seen in the control region job output: CEE3501S The module GSKSSL was not found. From entry point secure_socket_init(SessionHandle*) This apar is to prevent an inadvertant SSL request from being handled by the control region when SSL is not configured for the server. . The callback stack of this error will look like: CEEHDSP 0C930808 +00003062 CEEPLPKA CEEHSGLT 0C9808F8 +0000005C CEEPLPKA CEEPTLOR 0C9B3450 +000001BC CEEPLPKA CEEPTLC 0000C750 +0000009A CEEBINIT secure_socket_init(SessionHandle*) 22754370 +000002BC 425 BBOSEC SessionManagerProtocolSSL::processHandshake(acrwObj*) 2829F4A8 +0000008A 805 BBOCOMM SessionManager::processHandshake(acrwObj*) 28234B90 +000000BC 1308 BBOCOMM CR_SSLHandShakeInThread::RemoveAndProcessWork(ThreadCleanUp* 284490D0 +00000368 150 BBOBOA CR_SSLHSInWorkRoutine 28448060 +0000010C 311 BBOBOA CEEPGTFN 0C99B9F8 +0000005A CEEPLPKA main 21E7D998 -21E72A32Local fix Place SGSKLOAD in STEPLIB for the server or in LNKLST and APF authorize it.Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V4.0.1 for z/OS and OS/390 * **************************************************************** * PROBLEM DESCRIPTION: Message "CEE3501S The module GSKSSL was * * not found." issued from * * secure_socket_init(SessionHandle*) in * * bbocsmrs.cpp prior to an ABENDS0C4 * * in MODULE=CEEPLPKA CSECT=CEEPLPKA. * **************************************************************** * RECOMMENDATION: * **************************************************************** A Listener Session is established on the IIOP SSL Port even though SSL is not available. If a request is made to the IIOP SSL port then an attempt is made to initialize an SSL Socket. Since SSL is not available, this attempt fails with ABEND0C4/ABENDS0C4. As a result of the ABEND the Control Region is terminated.Problem conclusion Code has been modified in Communications Session Manager (bbocsmgr.cpp) to start an IIOP SSL Listener only if SSL is available. APAR PQ71372 is associated with SERVICE LEVEL W401502 of WebSphere Application Server V4.0.1 for z/OS and OS/390.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros
|
Document Information |
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 401
Software edition:
Reference #: PQ71372
IBM Group: Software Group
Modified date: Apr 3, 2003
(C) Copyright IBM Corporation 2000, 2006. All Rights Reserved.