Fixes are available
APAR status
Closed as fixed if next.
Error description
An XML Manager using multiple SSL Proxy Profiles for connections to the same IP address and port number, may result in SSL connections presenting the wrong certificate if 'Client-side Session Caching' is enabled. The connections may fail or cause other errors because each XML manager maintains the SSL session cache based on the IP address and port of the SSL connections. Therefore, services using the same XML manager could use the wrong SSL credentials (certificates) when sending data to the same IP address and port.
Local fix
One of the following options can be used to avoid this issue: 1) Disable 'Client-side Session Caching' in the SSL Proxy Profile 2) Assign a unique IP/port pair on the backend server for each SSL Proxy Profile. 3) Use a distinct XML manager for each SSL PRoxy Profile by creating 'chained' servicing. This would mean adding a service (e.g., XML Firewall) behind the current 'client-facing' service. The XMLFW would then use a single SSL Proxy Profile and its own unique XML manager to forward the request to the backend server.
Problem summary
DataPower customers using multiple SSL Proxy Profiles with mutual authentication to connect to a single IP/Port pair may experience issues when Client-side Session Caching is enabled.
Problem conclusion
This will be fixed in a future major release.
Temporary fix
Comments
APAR Information
APAR number
IC82397
Reported component name
DATAPOWER
Reported component ID
DP1234567
Reported release
382
Status
CLOSED FIN
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-03-30
Closed date
2012-04-06
Last modified date
2012-07-23
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
R500 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.8.2","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
11 February 2022