Skip to main content

PM80235: SP800-131 SUPPORT FOR IBM HTTP SERVER


Fixes are available

8.5.0.2: WebSphere Application Server V8.5 Fix Pack 2
8.0.0.6: WebSphere Application Server V8.0 Fix Pack 6

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • This feature adds support for ECDHE-RSA and ECDHE-DSA support
to IBM HTTP Server, including TLSv1.2 support for IBM HTTP
Server on z/OS.

Local fix

  •  
    • 
  
 
  
Problem summary
 
  
     
   
  • ****************************************************************
* USERS AFFECTED:  Users of IBM HTTP Server who want to use    *
*                  Elliptic Curve Cryptography (ECC) ciphers   *
*                  for                                         *
*                  SSL.                                        *
****************************************************************
* PROBLEM DESCRIPTION: IHS only supports ciphers that use RSA  *
*                      key establishment and RSA signatures.   *
****************************************************************
* RECOMMENDATION:  Apply the fix if your environment requires  *
*                  Elliptic Curve Cryptography (ECC).          *
****************************************************************
Ciphers using ECC key agreement and/or ECC signatures are
possible in TLSv1.2 but not supported by IBM HTTP Server. See
RFC 5246 for a full description of TLS1.2 ciphers, added
ciphers are of the type ECDHE_ECDSA and ECDHE_RSA in terms of
the RFC.

     
    • 
  
 
  
Problem conclusion
 
  
     
   
  • Support for ECDHE-ECDSA and ECDHE-RSA ciphers have been added
to IHS. ECDHE-RSA ciphers can be used without changing
certificates, but ECDHE-ECDSA  require special certificates
with an ECC key.

See
http://publib.boulder.ibm.com/httpserv/manual70/mod/mod_ibm_ssl.
html for full details.

This fix is targeted for IBM HTTP Server fix packs:
 - 8.0.0.6
 - 8.5.0.2

     
    • 
  
 
  
Temporary fix
 
  
     
   
  •  
    • 
  
 
  
Comments
 
  
     
   
  •  
    • 
  
 
  
APAR Information
 
  
 
   
     
    
  • APAR number
    PM80235
    •  
    
  • Reported component name
    IBM HTTP SERVER
    •  
    
  • Reported component ID
    5724J0801
    •  
    
  • Reported release
    850
    •  
    
  • Status
    CLOSED PER
    •  
    
  • PE
    NoPE
    •  
    
  • HIPER
    NoHIPER
    •  
    
  • Special Attention
    NoSpecatt
    •  
    
  • Submitted date
    2013-01-09
    •  
    
  • Closed date
    2013-01-11
    •  
    
  • Last modified date
    2013-01-11
    •  
   
 
  
 
  
     
   
  • APAR is sysrouted FROM one or more of the following:
     
    •  
   
  • APAR is sysrouted TO one or more of the following:
     
    •  
  
 
  
Fix information
 
  
     
   
  • Fixed component name
    IBM HTTP SERVER
    •  
   
  • Fixed component ID
    5724J0801
    •  
  
 
  
Applicable component levels
 
  
     
   
  • R800 PSY
       UP
    •  
   
  • R850 PSY
       UP
    •  
  
 
 
 

 









Rate this page:



(0 users)Average rating 





















	
	
	
	
	









	



























Copyright and trademark information



	
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide.  Other product and service names might be trademarks of IBM or other companies.  A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.































Rate this page:






(0 users)Average rating









Add comments














Document information





	
IBM HTTP Server


	
Runtime


	




	
Software version:

	8.5

	





	
Reference #:

PM80235






Modified date:

2013-01-11








Translate my page














































 



Content navigation