APAR status
Closed as program error.
Error description
If file nodes are configured for sftp transport then connection to some of the sftp servers with versions like SSH-2.0-Sun_SSH_1.1 and SSH-2.0-IBM Sterling Connect can fail with a BIP2115E error. BIP2115E - 'Unknown SFTP Exception: Session.connect:java.security.InvalidAlgorithmParameterException : Prime size must be multiple of 64, and can only range from 256 to 2048(inclusive)'
Local fix
Problem summary
**************************************************************** USERS AFFECTED: All users of WebSphere Message Broker V8.0.0.8, IBM Integration Bus V9.0.0.6 or above and V10.0.0.4 or above using FileNodes with sftp transport. Platforms affected: z/OS, MultiPlatform **************************************************************** PROBLEM DESCRIPTION: If file nodes are configured for sftp transport then connection to some of the sftp servers with versions like: SSH-2.0-Sun_SSH_1.1 and SSH-2.0-IBM Sterling Connect can fail with a BIP2115E error. BIP2115E - 'Unknown SFTP Exception: Session.connect:java.security.InvalidAlgorithmParameterException : Prime size must be multiple of 64, and can only range from 256 to 2048(inclusive)' This problem is observed only after upgrading Jsch library used for sftp functionality to jsch-0.1.53 level which by default uses 2048 as DH key size. But some of the sftp servers return an incorrect key when the sftp client specifies 2048 as the key size which is causing the InvalidAlgorithmParameterException from FileNodes.
Problem conclusion
This APAR introduces an environment variable MQSI_FILENODES_SFTP_KEYSIZE to overcome this error by specifying the keysize as 1024. After applying this APAR IT20382 or the fixpack that contains IT20382 you can set the environment variable as below to avoid the issue. On Windows : set MQSI_FILENODES_SFTP_KEYSIZE=1024 On Unix platforms : export MQSI_FILENODES_SFTP_KEYSIZE=1024 --------------------------------------------------------------- The fix is targeted for delivery in the following PTFs: Version Maintenance Level v10.0 10.0.0.9 v8.0 8.0.0.9 v9.0 9.0.0.8 The latest available maintenance can be obtained from: http://www-01.ibm.com/support/docview.wss?rs=849&uid=swg27006041 If the maintenance level is not yet available,information on its planned availability can be found on: http://www-1.ibm.com/support/docview.wss?rs=849&uid=swg27006308 ---------------------------------------------------------------
Temporary fix
Comments
APAR Information
APAR number
IT20382
Reported component name
INTEGRATION BUS
Reported component ID
5724J0540
Reported release
A00
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-05-04
Closed date
2017-05-31
Last modified date
2017-05-31
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
INTEGRATION BUS
Fixed component ID
5724J0540
Applicable component levels
RA00 PSY
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSNQK6","label":"IBM Integration Bus"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"10.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
23 March 2020