IBM Support

IC96996: IN DB2 GATEWAY, WHEN REMOTE NODE IS CATALOGED WITH SSL ENABLED, MEMORY FOOTPRINT PER CONNECTION IS IMPACTED BY KEY DATABASE SIZE

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • In DB2 Gateway, when SSL is enabled (SECURITY SSL) for
    communication with remote node, memory footprint per connection
    is impacted by key database size.
    You may verify that by checking security type in node directory
    (LIST NODE DIRECTORY) and size of key database (SSL_CLNT_KEYDB)
    in database manager configuration.
    

Local fix

  • In order to reduce the key database size, verification of
    certificates stored there may be considered. It can be done by
    issuing:
    $DB2_HOME/gskit/bin/gsk8capicmd_64 -cert -list all -db
    <patch_to_key_db>
    Removal of those, which are not required in given environment,
    can be done with the same command using the -delete switch . By
    default GSKit version 7 populates created database with a number
    of predefined trusted CA certificates (in version 8 you need to
    specify -populate switch),
    

Problem summary

  • ****************************************************************
    * USERS AFFECTED:                                              *
    * ALL                                                          *
    ****************************************************************
    * PROBLEM DESCRIPTION:                                         *
    * See Error Description                                        *
    ****************************************************************
    * RECOMMENDATION:                                              *
    * Upgrade to DB2 version 9.7 Fix Pack 10 or higher.            *
    ****************************************************************
    

Problem conclusion

  • Fixed in DB2 version 9.7 Fix Pack 10.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IC96996

  • Reported component name

    DB2 CONNECT

  • Reported component ID

    DB2CONNCT

  • Reported release

    970

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2013-10-18

  • Closed date

    2014-11-10

  • Last modified date

    2014-11-10

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    IC97236

Fix information

  • Fixed component name

    DB2 CONNECT

  • Fixed component ID

    DB2CONNCT

Applicable component levels

  • R970 PSN

       UP



Document information

More support for: DB2 for Linux, UNIX and Windows

Software version: 9.7

Reference #: IC96996

Modified date: 10 November 2014