A fix is available
APAR status
Closed as program error.
Error description
When using the z/VM SSL servers, some elliptic curve ciphers could not be used to initiate a connection.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: All users of the z/VM SSL servers. * **************************************************************** * PROBLEM DESCRIPTION: * **************************************************************** * RECOMMENDATION: APPLY PTF * **************************************************************** Some ciphers were unable to be used unless FIPS mode was active. Those ciphers are as follows: 1 - ECDHE-RSA-AES128-GCM-SHA256 2 - ECDHE-RSA-AES256-GCM-SHA384 3 - ECDHE-ECDSA-AES128-GCM-SHA256 4 - ECDHE-ECDSA-AES256-GCM-SHA384
Problem conclusion
The z/VM SSL servers have been updated to allow these ciphers regardless of if FIPS mode is active.
Temporary fix
Comments
APAR Information
APAR number
PH50765
Reported component name
TCP/IP FOR Z/VM
Reported component ID
5735FAL00
Reported release
730
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-11-09
Closed date
2022-11-22
Last modified date
2023-10-11
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
UI83409 UI83410 UI83411
Modules/Macros
SSLGSKCF
Fix information
Fixed component name
TCP/IP FOR Z/VM
Fixed component ID
5735FAL00
Applicable component levels
R710 PSY UI83409
UP22/12/07 I 1000
R720 PSY UI83410
UP22/12/07 P 2301
R730 PSY UI92805
UP23/07/26 P 2301
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU011","label":"Systems - zSystems software"},"Product":{"code":"SG27N"},"Platform":[{"code":"PF054","label":"z Systems"}],"Version":"730"}]
Document Information
Modified date:
12 October 2023