Previous topic |
Next topic |
Contents |
Contact z/OS |
Library |
PDF
EZD1917I z/OS Communications Server: IP Messages Volume 2 (EZB, EZD) SC27-3655-01 |
|
EZD1917I IKE status for stack tcpname is FIPS140
enabled but IKED is not FIPS140 enabled ExplanationThe Federal Information Processing Standard 140 (FIPS 140) function is enabled for the named TCP/IP stack, but it is not enabled for the IKE daemon. The Internet Key Exchange (IKE) daemon is not permitted to provide cryptographic services to the stack. In the message text:
System actionThe IKE daemon will not perform Security Association (SA) negotiation or any other cryptographic services for the specified stack. IKE daemon processing continues. Operator responseContact the system programmer. System programmer responseStacks that are enabled for FIPS 140 support require that the IKE daemon also be enabled for FIPS 140 support. The stack configuration, the IP security policy for the stack, the IKE daemon configuration, and the NSS server configuration must all be consistent. To understand the implications and requirements for enabling FIPS 140 support in your environment, see the information about FIPS 140 and IP security in z/OS Communications Server: IP Configuration Guide. User responseNot applicable. Problem determinationNone. Sourcez/OS® Communications Server TCP/IP: IKE daemon Modulestackobj.cpp Routing code11 Descriptor code7 AutomationThis message is output to syslog. Example
|
Copyright IBM Corporation 1990, 2014
|