A fix is available
APAR status
Closed as program error.
Error description
A user Adds or Removes cipher suites from the QoP for an SSSL Repertoire and saves the changes. The panel is found at: SSL certificate and key management > SSL configurations > <NODEName>/DefaultIIOPSSL > Quality of protection (QoP) Upon returning to the QoP panel, the cipher suite list does not show the changes previously saved, as if the save was not successful. However, the was.env and security.xml have been updated with the changes.
Local fix
Manually alter/define com_ibm_DAEMON_claimSecurityCipherSuiteList in the Daemon's was.env
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server V6.1 * **************************************************************** * PROBLEM DESCRIPTION: Alteration to enabled cipher suite for * * the DAEMON, through the adminconsole * * do not occur successfully. * **************************************************************** * RECOMMENDATION: * **************************************************************** If a WebSphere Application Server z/OS customer logs into the adminconsole and attempts to alter the enabled cipher suites, these changes may or may not occur successfully. Here is the adminconsole breadcrumb trail: SSL certificate and key management > SSL configurations > <NODEName>/DefaultIIOPSSL > Quality of protection (QoP) The customer may notice that cipher suites they tried to enable, still show as disabled. Or cipher suites that show disabled, could be enabled.
Problem conclusion
Code has been changed to ensure that the high level cipher suite names displayed in the adminconsole will corresponed with underlying SSSL cipher suite selections. APAR PM80928 is currently targeted for inclusion WebSphere Application Server Fix Packs 6.1.0.47. Please refer to URL: //www.ibm.com/support/docview.wss?rs=404&uid=swg27006970 for Fix Pack availability.
Temporary fix
Comments
APAR Information
APAR number
PM80928
Reported component name
WEBSPHERE FOR Z
Reported component ID
5655I3500
Reported release
610
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-01-18
Closed date
2013-04-30
Last modified date
2013-10-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBSPHERE FOR Z
Fixed component ID
5655I3500
Applicable component levels
R610 PSY UK97031
UP13/09/07 P F309
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS7K4U","label":"WebSphere Application Server for z\/OS"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.1","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
10 February 2022