A fix is available
APAR status
Closed as program error.
Error description
The original issue is that IBM Systems Director agent is giving error on the security scan. Customer got the following security exceptions: 5336/tcp/www: SSL Enabled Server Supports Medium Strength SSL Encryption Certificates/Cipher 5336/tcp/www: SSL Enabled Server Supports Weak SSL Encryption Certificates/Cipher 5336/tcp/www: IETF X.509 Certificate Signature Collision Vulnerability Further investigation shows that 1. Port 5336 is open only on AIX platform, used by pconsole; 2. Another port 8422, which uses the same keystore as of 5336, has strong cipher suites enabled and no security exception was thrown against this port. 3. The solution for port 5336 security issue is to enable strong cipher suites for this port also. Port 5536 was using the default ciphers provided by LWI 8.1.0.3. This needs to be changed by LWI and pconsole configurations.
Local fix
N/A
Problem summary
pconsole was using ciphers which are no longer considered secure
Problem conclusion
Changes are done in LWI CF framework to enable strong ciphers
Temporary fix
Comments
6100-07 - use AIX APAR IV50606 6100-08 - use AIX APAR IV57896 6100-09 - use AIX APAR IV54021 6100-09 - use AIX APAR IV54021 6100-09 - use AIX APAR IV54021 7100-01 - use AIX APAR IV57593 7100-02 - use AIX APAR IV57071 7100-03 - use AIX APAR IV54148 7100-04 - use AIX APAR IV54232
APAR Information
APAR number
IV54021
Reported component name
AIX 610 STD EDI
Reported component ID
5765G6200
Reported release
610
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Submitted date
2014-01-14
Closed date
2014-01-14
Last modified date
2016-05-10
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
AIX 610 STD EDI
Fixed component ID
5765G6200
Applicable component levels
R610 PSY U861152
UP14/10/28 I 1000
PTF to Fileset Mapping
U861152 sysmgt.pconsole.rte 6.1.9.30
U853958 sysmgt.pconsole.rte 6.1.9.15
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSLLZP","label":"AIX Standard Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSMV87","label":"AIX 6.1 Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSMVAX","label":"AIX Express Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSAUMY","label":"IBM AIX Enterprise Edition"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG11Q","label":"AIX 6.1 HIPERS, APARs and Fixes"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"","label":""}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG11R","label":"APARs - AIX 7.1 environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"610","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
10 May 2016