A fix is available
APAR status
Closed as program error.
Error description
As part of processing a POST received using the HTTPS connector, action code is used to retrieve the SSL certificates after the initial handshake has been completed. This causes a re-negotiation to occur. Due to the timing of this action code call, if the POST contains encrypted data the whole encrypted body will be sent as part of a the re-negotiation, therefore if the total message size is greater than 4kb we will be over the default maxSavePostSize limit which governs the maximum size of a POST received during Client Auth. This will cause an error such as the following to be thrown: java.io.IOException: The number of bytes read 4096 is less than the Content-Length 10445 at com.ibm.broker.inlinehttp.tomcatthreadpool.TomcatInstanceManag er $Adapter Class.getRequestBodyData(TomcatInstanceManager.java
Local fix
NA
Problem summary
**************************************************************** USERS AFFECTED: All users of IBM Integration Bus V9.0 using the HTTP or Soap Input nodes that process messages greater than 4096 bytes and are also using HTTPS and WS-Security message part encryption. Platforms affected: MultiPlatform, z/OS **************************************************************** PROBLEM SUMMARY: As part of processing a POST received using the HTTPS connector, action code is used to retrieve the SSL certificates after the initial handshake has been completed. This causes a re-negotiation to occur. Due to the timing of this action code call, if the POST contains encrypted data the whole encrypted body will be sent as part of a the re-negotiation, therefore if the total message size is greater than 4kb we will be over the default maxSavePostSize limit which governs the maximum size of a POST received during Client Auth. This will cause an error such as the following to be thrown: java.io.IOException: The number of bytes read 4096 is less than the Content-Length 10445 at com.ibm.broker.inlinehttp.tomcatthreadpool.TomcatInstanceManag er $Adapter Class.getRequestBodyData(TomcatInstanceManager.java There are a number of resource name changes between WebSphere Message Broker and IBM Integration Bus Version 9.0. For details visit http://pic.dhe.ibm.com/infocenter/wmbhelp/v9r0m0/topic/com.ibm.e tools.mft.doc/bb23814_.htm
Problem conclusion
The product has been modified so that the action code to retrieve the SSL certificates is called after we have processed the message body. --------------------------------------------------------------- The fix is targeted for delivery in the following PTFs: Version Maintenance Level v9.0 9.0.0.2 The latest available maintenance can be obtained from: http://www-01.ibm.com/support/docview.wss?rs=849&uid=swg27006041 If the maintenance level is not yet available, information on its planned availability can be found on: http://www-1.ibm.com/support/docview.wss?rs=849&uid=swg27006308 ---------------------------------------------------------------
Temporary fix
Comments
APAR Information
APAR number
IC98925
Reported component name
INTEGRATION BUS
Reported component ID
5724J0530
Reported release
900
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2014-01-23
Closed date
2014-01-31
Last modified date
2015-04-15
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
INTEGRATION BUS
Fixed component ID
5724J0530
Applicable component levels
R900 PSY
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSNQK6","label":"IBM Integration Bus"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
15 April 2015