UNEXPECTED PROMPT WHEN ESTABLISHING A SECURE CONNECTION
APAR Identifier ...... PK84182 Last Changed ........ 09/06/19 UNEXPECTED PROMPT WHEN ESTABLISHING A SECURE CONNECTION Symptom ...... IN INCORROUT Status ........... CLOSED PER Severity ................... 3 Date Closed ......... 09/04/13 Component .......... 5735FAL00 Duplicate of ........ Reported Release ......... 540 Fixed Release ............ 999 Component Name TCP/IP V2 FOR V Special Notice ATTENTION Current Target Date .. Flags SCP ................... Platform ............ PERVASIVE Status Detail: SHIPMENT - Packaged solution is available for shipment. PE PTF List: PTF List: Release 540 : UK45770 available 09/06/19 (0902 ) Parent APAR: Child APAR list: ERROR DESCRIPTION: When one attempts to establish an implicit secure connection with a z/VM host configured to support secure connections, one might encounter a prompt (presented by the client in use) for a certificate password, or, to present a client certificate (to satisfy a server request for such a certificate). The reported prompts occur when connecting to only a z/VM 540 system. When the same client / configuration is used to connect to a prior-level z/VM host (also configured for secure connectivity), no prompts are presented and the subject connections proceed as expected. LOCAL FIX: None. PROBLEM SUMMARY: **************************************************************** * USERS AFFECTED: ALL USERS OF Z/VM SSL SERVER * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: APPLY PTF * **************************************************************** An implicit ('static') connection using the z/VM 5.4.0 SSL server results in asking the client initiating the connection to authenticate. This may cause the end-user interface generating the secure connection to prompt a user for authentication. Secure connections that are explicit ('dynamic') do not exhibit this behavior. PROBLEM CONCLUSION: A control block used for both dynamic and static connections is missing the proper initialization of a field in the case of a static connection. The fix is to initialize the field once the determination has been made that the connection is static. TEMPORARY FIX: COMMENTS: MODULES/MACROS: SSLSERV SSLVMAIN SRLS: NONE RTN CODES: CIRCUMVENTION: MESSAGE TO SUBMITTER: