A fix is available
APAR status
Closed as new function.
Error description
This APAR adds support for CICS to automatically add the Strict-Transport-Security header to HTTP responses that use secure connections.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All CICS users * **************************************************************** * PROBLEM DESCRIPTION: Provide support for HTTP Strict * * Transport Security * **************************************************************** When CICS is acting as an HTTP server within a secure domain there is no way to configure CICS to automatically return an HTTP Strict-Transport-Security header in its responses.
Problem conclusion
CICS has been updated to add support for including the HTTP Strict-Transport-Security header automatically in secure responses. The capability applies to all HTTP based TCPIPSERVICEs and the CMCI JVM server. It is configured by setting the following feature toggles: com.ibm.cics.web.hsts.max-age=seconds This toggle activates HSTS for the entire region and sets the max-age time in seconds (0-99999999). One year is 31536000 seconds. com.ibm.cics.web.hsts.includesubdomains=true|false This toggle only takes effect if the previous toggle has also been specified. It indicates if the includeSubDomains option should be added to the HSTS header. com.ibm.cics.web.hsts.max-age.TCPIPS=seconds|-1 This toggle allows for an individual TCPIPSERVICE named in the toggle (TCPIPS in this case) to have a different max-age value in its HSTS header. -1 can also be used to disable HSTS for that TCPIPSERVICE. com.ibm.cics.web.hsts.includesubdomains.TCPIPS=true|false This toggle only takes effect if the previous toggle has also been specified. It indicates if the includeSubDomains option should be added to the HSTS header for this specific TCPIPSERVICE.
Temporary fix
Comments
APAR Information
APAR number
PH55369
Reported component name
CICS TS Z/OS V5
Reported component ID
5655Y0400
Reported release
200
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
YesSpecatt / New Function / Xsystem
Submitted date
2023-06-23
Closed date
2024-03-11
Last modified date
2024-04-01
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
PH55370 UI96022 UI96023
Modules/Macros
DFHAPJVM DFHAXIS2 DFHCDJNI DFHEIPSE DFHEIQSO DFHEISO DFHIEIE DFHISCO DFHISEM DFHISIC DFHISRR DFHISST DFHLEPTS DFHMNAD DFHMNXM DFHPITH DFHPITS DFHPIWT DFHRZDM DFHRZIX DFHRZLN DFHRZNR2 DFHRZRG2 DFHRZRM DFHRZRS1 DFHRZSO DFHRZSO1 DFHRZTA DFHRZTCX DFHRZTR1 DFHRZTRI DFHRZXM DFHSJBD DFHSJDM DFHSJDS DFHSJDUF DFHSJIN DFHSJIS DFHSJIX DFHSJJS DFHSJL DFHSJNA DFHSJNR DFHSJNT DFHSJRE DFHSJRL DFHSJRM DFHSJRT DFHSJSC DFHSJSM DFHSJST DFHSJT8 DFHSJTH DFHSJTRI DFHSJXM DFHSOAD DFHSOCK DFHSODM DFHSODS DFHSODUF DFHSOGH@ DFHSOHN DFHSOIS DFHSOIST DFHSOL DFHSOLI DFHSOLS DFHSOLX DFHSOLX6 DFHSOM01 DFHSOM02 DFHSOM03 DFHSONT DFHSOPL DFHSORD DFHSORL DFHSORM DFHSOS00 DFHSOS01 DFHSOS02 DFHSOS03 DFHSOS04 DFHSOS05 DFHSOS06 DFHSOS07 DFHSOS08 DFHSOS09 DFHSOS10 DFHSOS11 DFHSOS12 DFHSOS13 DFHSOS14 DFHSOS15 DFHSOS16 DFHSOS17 DFHSOS18 DFHSOS19 DFHSOS20 DFHSOS21 DFHSOS22 DFHSOS23 DFHSOSE DFHSOSES DFHSOSK DFHSOSM DFHSOST DFHSOTB DFHSOTI DFHSOTRI DFHSOUE DFHSOXM DFHSTP DFHTFIQ DFHWBA DFHWBA1 DFHWBAP DFHWBAPF DFHWBBLI DFHWBBMS DFHWBCL DFHWBDM DFHWBDUF DFHWBENV DFHWBPA DFHWBPW DFHWBRP DFHWBSC DFHWBSO DFHWBSR DFHWBST DFHWBSV DFHWBTRI DFHWBTTA DFHWBUR DFHWBXM DFHWBXN DFJ@H350 DFJ@H356 DFJ@H360 DFJ@H427 DFJ@H467 DFJ@H468 DFJ@H571 DFJDTCOE DFJOUTRE DFJWLPBP DFJWLPPL
Fix information
Fixed component name
CICS TS Z/OS V5
Fixed component ID
5655Y0400
Applicable component levels
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"5.5","Line of Business":{"code":"LOB70","label":"Z TPS"}}]
Document Information
Modified date:
04 April 2024