APAR status
Closed as program error.
Error description
In HACL JSSE class code, it displays all CA of the default JRE cacerts. No password is required, and no location path is required either which could cause a security breach.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: * * Toolkit users who want to use Java certs for secure * * connection authentication * **************************************************************** * PROBLEM DESCRIPTION: * * HACL program fails to establish secure connection with JRE * * Cacerts * **************************************************************** * RECOMMENDATION: * **************************************************************** HACL program fails to read Java Cacerts to establish secure connection. If we are adding host certificate in Java Cacerts, HACL program does not read certs from here to authenticate the handshake.
Problem conclusion
Code changes have been made to address the issue. Now, host certificate can be placed in JRE Cacerts and if we do not specify any Keystore in the program, it will by default read from JRE Cacerts.
Temporary fix
Comments
APAR Information
APAR number
OA63520
Reported component name
HOD MVS
Reported component ID
5733A5900
Reported release
E00
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-07-12
Closed date
2023-04-26
Last modified date
2023-04-26
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
ToolKit
Fix information
Fixed component name
HOD MVS
Fixed component ID
5733A5900
Applicable component levels
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSS9FA","label":"IBM Host On-Demand"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"E00","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
26 April 2023