APAR status
Closed as program error.
Error description
The TLS support ( for encryption/authentication) built into the new communication layer used by AD Build Client and AD Connect does not currently support the use of TLS certificates that set the common name (CN) to a host name/domain name (eg. ibm.com ). It only supports IP addresses, like (eg 127.0.0.1). This restriction will not allow customers to enable TLS on their systems, since the use of host name / domain name in the CN or subject alternate names (SAN) field of certificates is a standard and recommended best security practice.
Local fix
N/A
Problem summary
AD BUILD CLIENT AND AD CONNECT DOES NOT SUPPORT THE USE OF TLS CERTIFICATES WITH COMMON NAME TO A HOST NAME.
Problem conclusion
Code change was implemented to allow use of a host name or domain name in the CN field or the SAN field of the TLS certificate.
Temporary fix
n/a
Comments
APAR Information
APAR number
PH43102
Reported component name
APPL DISCOVERY
Reported component ID
5737B1600
Reported release
602
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-01-04
Closed date
2022-01-04
Last modified date
2022-01-04
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
mainfra
Fix information
Fixed component name
APPL DISCOVERY
Fixed component ID
5737B1600
Applicable component levels
[{"Line of Business":{"code":"LOB35","label":"Mainframe SW"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSRR9Q","label":"IBM Application Discovery"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"602"}]
Document Information
Modified date:
05 January 2022