IC81733: (CD) CSP900E LOGGED EXCEPTION DUE TO LONG PCRT VALUE IN C:D FMH70

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

APAR status

  • Closed as program error.

Error description

  • Error Description￘
    Error: CSP900E Logged Exception : Did not get buffer in 90000 ms
    

Local fix

  • Local Fix￘
    Fix sent to user.
    

Problem summary

  • Users Affected:
    All Customers running Connect:Direct Secure Plus sessions
    through Sterling Secure Proxy
    
    Problem Description:
    A Connect:Direct Secure Plus session through SSP failed during
    the initial FMH exchange because the PCRT field added to the
    FMH70 record caused the zOS SNODE to mis-handle the record and
    drop the session.
    The SSP CD Adapter inserts "breadcrumbs" into the FMH records to
    let each side of the transmission know that SSP is in the
    middle.  The breadcrumbs consist of 2 extra fields, the "PRXY"
    field which provides IP address information of the SSP and the
    "PCRT" field, which presumably contains the originating PNODE
    certificate during a Secure Plus session.  The "PRXY" field is
    added to all FMHs and assists in C:D problem analysis, while the
    PCRT field is only inserted in the FMH70 record flowing to the
    SNODE during a Secure Plus session.
    When the PCRT field is large, it can cause problems if the SNODE
    cannot handle the larger FMH70 RU.  Study showed that the
    certificate passed in the PCRT field was not the PNODE
    certificate at all, which makes it of little value.
    
    Platforms Affected:
    All
    

Problem conclusion

  • Resolution Summary:
    Turned off the "PCRT" breadcrumb in the C:D FMH70 unless the
    behavior is specifically turned on at the adapter level.  The
    following properties are now the default in the C:D adapter:
     "CDSP|*|BreadCrumbAddress" = "granted" (allows "PRXY"
    breadcrumbs to be inserted)
     "CDSP|*|BreadCrumbAddressTransparentContent" =
    "granted" (allows more detail in "PRXY" field)
     "CDSP|*|BreadCrumbAddressPCRT" = "denied"   (Do not insert the
    "PCRT" field)
    To continue to send the "PCRT" field, you must add the following
    property to the C:D adapter Properties tab of the CM GUI:
     "CDSP|*|BreadCrumbAddressPCRT" = "granted"
    
    Delivered In:
    3.2.0.16,3.3.1.20,3.4.0.2,3.4.1.2
    

Temporary fix

Comments

APAR Information

  • APAR number

    IC81733

  • Reported component name

    STR SECURE PROX

  • Reported component ID

    5725D0300

  • Reported release

    320

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2012-02-29

  • Closed date

    2012-08-03

  • Last modified date

    2012-08-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    STR SECURE PROX

  • Fixed component ID

    5725D0300

Applicable component levels

  • R320 PSY

       UP

  • R331 PSY

       UP

  • R340 PSY

       UP

  • R341 PSY

       UP



Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Sterling Secure Proxy

Software version:

3.2

Reference #:

IC81733

Modified date:

2012-08-03

Translate my page

Machine Translation

Content navigation