A fix is available
APAR status
Closed as new function.
Error description
This APAR implements new function in TCP/IP to provide CRYPTO APVIRT support for the TLS/SSL Server and LDAP/VM.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of the TLS/SSL Server or the * * LDAP/VM Server. * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: APPLY PTF * **************************************************************** This APAR implements new function in TCP/IP to provide: - CRYPTO APVIRT support for the TLS/SSL Server and LDAP/VM
Problem conclusion
Temporary fix
Comments
The System SSL V2.2 cryptographic library supporting z/VM V6.4 service virtual machines is updated to offload cryptographic operations to Crypto Express hardware associated with your z Systems or LinuxONE hardware. This provides support for clear-key RSA operations. To enable this support, insert the 'CRYPTO APVIRTUAL' statement into the appropriate virtual machine directory entry. This statement will grant the TLS/SSL Server access to shared crypto domains associated with your z/VM partition. No other configuration change is required. Note: * If configuring a stand-alone (single) SSLSERV virtual machine, insert this statement directly into the SSLSERV directory entry. * If configuring a pool of multiple SSL servers, insert this statement into the appropriate PROFILE directory entry (such as PROFILE TCPSSLU). * If configuring LDAP/VM, insert this statement directly into the LDAPSRV directory entry. See the z/VM 6.4.0 TCP/IP books (dated March 2017) for information on using these enhancements: http://www.vm.ibm.com/library/
APAR Information
APAR number
PI72106
Reported component name
TCP/IP V2 FOR V
Reported component ID
5735FAL00
Reported release
640
Status
CLOSED UR1
PE
NoPE
HIPER
NoHIPER
Special Attention
YesSpecatt / New Function / Xsystem
Submitted date
2016-11-10
Closed date
2017-03-27
Last modified date
2017-04-28
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UI45923
Modules/Macros
GSKAPQQ GSKCMS31 GSKC31 GSKC31F ICSFLIB SSLGSKCF
| SC246238XX | GC246095XX |
Fix information
Fixed component name
TCP/IP V2 FOR V
Fixed component ID
5735FAL00
Applicable component levels
R640 PSY UI45923
UP17/03/29 P 1701
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG27N","label":"APARs - VM\/ESA environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"640","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG27M","label":"APARs - z\/VM environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"640","Edition":"","Line of Business":{"code":"LOB16","label":"Mainframe HW"}}]
Document Information
Modified date:
28 April 2017