IBM Support

db2connectactivate utility reports errorcode=-4450, security mechanism requested is not supported by server

Troubleshooting


Problem

When activating DB2 Connect license on mainframe using db2connectactivate utility, error is returned indicating the security mechanism is not supported by server.

Symptom

The following output may be returned from the db2connectactivate command,
[license activator][13451]Activation failed.
SQLCODE: -4450
SQLSTATE: 0A502
Message: [jcc][t4][2095][11230][3.69.24]Security mechanism requested is not supported by server. Errorcode=-4450, SQLSTATE=0A502

Cause

The utility uses the default security mechanism which is userid and password (3), but the server requires to use more secured mechanisms.

Resolving The Problem

Change the server AUTHENTICATION to SERVER or set the securityMechanism property to one of the server supported security mechanism.

If you set the IBM Data Server Driver for JDBC and SQLJ property securityMechanism for a type of security that uses encryption, the SDK for Java must support the type of encryption that you use. For example, the SDK for Java that you use might support 256-bit AES (strong) encryption, but not 56-bit DES (weak) encryption. The SDK for Java from Oracle might support AES encryption, but not DES encryption. See Note 2 under Java software support for DB2 database products.

You can specify the encryption algorithm by setting the IBM Data Server Driver for JDBC and SQLJ property encryptionAlgorithm. To use 256-bit AES encryption, set encryptionAlgorithm to 2. When you use 256-bit AES encryption with the SDK for Java from Oracle, you might need to install the JCE nlimited Strength Jurisdiction Policy File. That file is available from Oracle. If the JCE Unlimited Strength Jurisdiction Policy File is not found, a java.security.InvalidKeyException is thrown. See encryptionAlgorithm section. For the IBM SDK for Java, the file is available at the following location:https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=jcesdk


For example, to use securityMechanism=9 when running this utility, create the file called "DB2JccConfigurationb.properties" in which includes the following lines,


db2.jcc.override.securityMechanism=9


db2.jcc.override.encryptionAlgorithm=2

Put the file under the same directory where the utility is located, and call this command from that directory,

java -Ddb2.jcc.propertiesFile=DB2JccConfigurationb.properties -cp .\db2connectactivate.jar;.\db2jcc.jar com.ibm.db2.jcc.DB2ConnectActivate -host <hostname> -port <port number> -database <database> -user <user> -password <password>




[{"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Component":"Install\/Migrate\/Upgrade - Licensing","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"10.1;10.5;9.7","Edition":"","Line of Business":{"code":"LOB10","label":"Data and AI"}}]

Document Information

Modified date:
16 June 2018

UID

swg21986809

Page Feedback