About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
UNEXPECTED PROMPT WHEN ESTABLISHING A SECURE CONNECTION
APAR Identifier ...... PK84182 Last Changed ........ 09/06/19
UNEXPECTED PROMPT WHEN ESTABLISHING A SECURE CONNECTION
Symptom ...... IN INCORROUT Status ........... CLOSED PER
Severity ................... 3 Date Closed ......... 09/04/13
Component .......... 5735FAL00 Duplicate of ........
Reported Release ......... 540 Fixed Release ............ 999
Component Name TCP/IP V2 FOR V Special Notice ATTENTION
Current Target Date .. Flags
SCP ...................
Platform ............ PERVASIVE
Status Detail: SHIPMENT - Packaged solution is available for
shipment.
PE PTF List:
PTF List:
Release 540 : UK45770 available 09/06/19 (0902 )
Parent APAR:
Child APAR list:
ERROR DESCRIPTION:
When one attempts to establish an implicit secure connection
with a z/VM host configured to support secure connections, one
might encounter a prompt (presented by the client in use) for a
certificate password, or, to present a client certificate (to
satisfy a server request for such a certificate). The reported
prompts occur when connecting to only a z/VM 540 system. When
the same client / configuration is used to connect to a
prior-level z/VM host (also configured for secure connectivity),
no prompts are presented and the subject connections proceed as
expected.
LOCAL FIX:
None.
PROBLEM SUMMARY:
****************************************************************
* USERS AFFECTED: ALL USERS OF Z/VM SSL SERVER *
****************************************************************
* PROBLEM DESCRIPTION: *
****************************************************************
* RECOMMENDATION: APPLY PTF *
****************************************************************
An implicit ('static') connection using the z/VM 5.4.0 SSL
server results in asking the client initiating the connection to
authenticate. This may cause the end-user interface generating
the secure connection to prompt a user for authentication.
Secure connections that are explicit ('dynamic') do not
exhibit this behavior.
PROBLEM CONCLUSION:
A control block used for both dynamic and static connections
is missing the proper initialization of a field in the case
of a static connection. The fix is to initialize the field
once the determination has been made that the connection is
static.
TEMPORARY FIX:
COMMENTS:
MODULES/MACROS: SSLSERV SSLVMAIN
SRLS: NONE
RTN CODES:
CIRCUMVENTION:
MESSAGE TO SUBMITTER: