Fixes are available
APAR status
Closed as fixed if next.
Error description
XSD files located on a server not supporting RFC5746, secure renegotiation can not be retrieved by Datapower. Datapower always requires secure renegotiation to be supported. The SSL Proxy Profile controling this is not configurable.
Local fix
There are several work arounds for this issue. 1) change the connection to backend server serving xsd files to HTTP 2) Enable RFC5746 support on the backend server 3) locate the xsd files local to the Datapower Appliance 4) Modify the Datapower appliance so that the connection to backend server is not directly accessed by the WSP configuration on Datapower. Modify the WSP configureation to connect through Datapower appliance first. For example the connection would be from the WSP to a Datapower front side handler for a MPGW. Configure the MPGW SSL proxy to allow connectivity to a insecure SSL server.
Problem summary
A new configurable SSL Proxy will be added to default domain and used for retrieving remote Schemata (instead "system-default"). By default it does not allow connections to insecure SSL servers and results in the same error logged as before, just with a different SSL Proxy name: yyymmddThhmmssZ [ssl][error] sslproxy(system-wsgw-management-loopback): tid(.....): SSL handshake aborted due to detection of insecure SSL server Setting "Allow connection to insecure SSL" to "On" for system-wsgw-management-loopback will allow Web Service Proxies to retrieve Schemata from an insecure SSL server.
Problem conclusion
Fix will be available in next major releases.
Temporary fix
Comments
APAR Information
APAR number
IC88020
Reported component name
DATAPOWER
Reported component ID
DP1234567
Reported release
382
Status
CLOSED FIN
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2012-11-07
Closed date
2013-01-11
Last modified date
2013-01-16
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DATAPOWER
Fixed component ID
DP1234567
Applicable component levels
R100 PSN
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.8.2","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
11 February 2022