IBM Support

IT42378: ANS1299E "UNABLE TO GENERATE AN ENCRYPTION KEY..." ON FIPS ENABLED SYSTEM WITH PASSWORDACCESS PROMPT

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • Per the following technote, the IBM  Spectrum Protect client
does not use FIPS compliant encryption in functions:
·  Passwords stored by the client.

·  IBM Spectrum Protect Client/Server authentication protocol
outside of SSL configured environments.

·  56bit DES client side encryption
https://www.ibm.com/support/pages/encryption-compliance-fips-14
0-2-standard

For this reason, the message ANS1299E appears on FIPS enabled
system if one of these functions is used.

When PASSWORDACCESS PROMPT option is used the mentioned
functions are not used but it is showing that error message in
dsmerror.log despite the backup is successful:

 ANS1299E Unable to generate an encryption key for storing
 password

IBM Spectrum Protect Versions Affected:  Client versions 8.1.14
and higher on all supported platforms
   | MDVREGR 8.1.15.0-5698ISMCL |

Additional Keywords: TS010814052 SSL

Local fix

  • Ignore the message or disable FIPS on the Operating System.

Problem summary

  • ****************************************************************
* USERS AFFECTED:                                              *
* IBM Spectrum Protect backup-archive client versions 8.1 on   *
* all Linux platforms                                          *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* see ERROR DESCRIPTION                                        *
****************************************************************
* RECOMMENDATION:                                              *
* Apply fixing level when available. This problem is currently *
* projected to be fixed in IBM Spectrum Protect backup-archive *
* client  level 8.1.17.2 and 8.1.19.                           *
* Note that this is subject to change at the discretion of     *
* IBM.                                                         *
****************************************************************

Problem conclusion

  • 'ANS1299E Unable to generate an encryption key for storing
password' will not occur during backup on FIPS mode enabled
Linux.

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IT42378
    • 

  • Reported component name
    TSM CLIENT
    • 

  • Reported component ID
    5698ISMCL
    • 

  • Reported release
    81L
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2022-11-02
    • 

  • Closed date
    2023-03-15
    • 

  • Last modified date
    2023-03-15
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Modules/Macros


    

  • dsmc

    



Fix information


    

  • Fixed component name
    TSM CLIENT
    • 

  • Fixed component ID
    5698ISMCL
    • 



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGSG7","label":"Tivoli Storage Manager"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"81L","Line of Business":{"code":"LOB26","label":"Storage"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            15 March 2023
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback