Skip to main content

IC81733: (CD) CSP900E LOGGED EXCEPTION DUE TO LONG PCRT VALUE IN C:D FMH70


Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • Error Description￘
Error: CSP900E Logged Exception : Did not get buffer in 90000 ms

Local fix

  • Local Fix￘
Fix sent to user.

Problem summary

  • Users Affected:
All Customers running Connect:Direct Secure Plus sessions
through Sterling Secure Proxy

Problem Description:
A Connect:Direct Secure Plus session through SSP failed during
the initial FMH exchange because the PCRT field added to the
FMH70 record caused the zOS SNODE to mis-handle the record and
drop the session.
The SSP CD Adapter inserts "breadcrumbs" into the FMH records to
let each side of the transmission know that SSP is in the
middle.  The breadcrumbs consist of 2 extra fields, the "PRXY"
field which provides IP address information of the SSP and the
"PCRT" field, which presumably contains the originating PNODE
certificate during a Secure Plus session.  The "PRXY" field is
added to all FMHs and assists in C:D problem analysis, while the
PCRT field is only inserted in the FMH70 record flowing to the
SNODE during a Secure Plus session.
When the PCRT field is large, it can cause problems if the SNODE
cannot handle the larger FMH70 RU.  Study showed that the
certificate passed in the PCRT field was not the PNODE
certificate at all, which makes it of little value.

Platforms Affected:
All

Problem conclusion

  • Resolution Summary:
Turned off the "PCRT" breadcrumb in the C:D FMH70 unless the
behavior is specifically turned on at the adapter level.  The
following properties are now the default in the C:D adapter:
 "CDSP|*|BreadCrumbAddress" = "granted" (allows "PRXY"
breadcrumbs to be inserted)
 "CDSP|*|BreadCrumbAddressTransparentContent" =
"granted" (allows more detail in "PRXY" field)
 "CDSP|*|BreadCrumbAddressPCRT" = "denied"   (Do not insert the
"PCRT" field)
To continue to send the "PCRT" field, you must add the following
property to the C:D adapter Properties tab of the CM GUI:
 "CDSP|*|BreadCrumbAddressPCRT" = "granted"

Delivered In:
3.2.0.16,3.3.1.20,3.4.0.2,3.4.1.2

Temporary fix

  •  
    • 
  
 
  
Comments
 
  
     
   
  •  
    • 
  
 
  
APAR Information
 
  
 
   
     
    
  • APAR number
    IC81733
    •  
    
  • Reported component name
    STR SECURE PROX
    •  
    
  • Reported component ID
    5725D0300
    •  
    
  • Reported release
    320
    •  
    
  • Status
    CLOSED PER
    •  
    
  • PE
    NoPE
    •  
    
  • HIPER
    NoHIPER
    •  
    
  • Special Attention
    NoSpecatt
    •  
    
  • Submitted date
    2012-02-29
    •  
    
  • Closed date
    2012-08-03
    •  
    
  • Last modified date
    2012-08-03
    •  
   
 
  
 
  
     
   
  • APAR is sysrouted FROM one or more of the following:
     
    •  
   
  • APAR is sysrouted TO one or more of the following:
     
    •  
  
 
  
Fix information
 
  
     
   
  • Fixed component name
    STR SECURE PROX
    •  
   
  • Fixed component ID
    5725D0300
    •  
  
 
  
Applicable component levels
 
  
     
   
  • R320 PSY
       UP
    •  
   
  • R331 PSY
       UP
    •  
   
  • R340 PSY
       UP
    •  
   
  • R341 PSY
       UP
    •  
  
 
 
 

 









Rate this page:



(0 users)Average rating 





















	
	
	
	
	









	



























Copyright and trademark information



	
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide.  Other product and service names might be trademarks of IBM or other companies.  A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.































Rate this page:






(0 users)Average rating









Add comments














Document information





	
Sterling Secure Proxy


	




	
Software version:

	3.2

	





	
Reference #:

IC81733






Modified date:

2012-08-03








Translate my page














































 



Content navigation