APAR status
Closed as new function.
Error description
Support 'SSLCipherSpec ALL|TLSv10|TLSv11|TLSv12|TLSv13 -RSA' to remove ciphers that use RSA key exchange.
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM HTTP Server 8.5.5 or 9.0 * * * **************************************************************** * PROBLEM DESCRIPTION: Provide additional capability to * * remove ciphers that use RSA key * * exchange. * **************************************************************** * RECOMMENDATION: Apply this fix for additional cipher * * control. * **************************************************************** After PH30598, the pseudo-cipher "-RSA" may be used to remove RSA key exchange ciphers from list of default ciphers. It must be the first cipher argument and no other cipher arguments may follow on the same line. (Similar to "-CBC").
Problem conclusion
Added the pseudo-cipher "-RSA" in SSLCipherSpec to remove ciphers with RSA key exchange from the defaults. Note that this mechanism does not remove RSA ciphers if non-defaults have been previously added. This fix is targeted for IBM HTTP Server fix packs: - 9.0.5.7 - 8.5.5.19 For more information, see 'Recommended Updates for WebSphere Application Server': https://www.ibm.com/support/pages/node/715553
Temporary fix
Comments
APAR Information
APAR number
PH30598
Reported component name
IBM HTTP SERVER
Reported component ID
5724J0801
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-10-16
Closed date
2021-01-30
Last modified date
2021-01-30
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
IBM HTTP SERVER
Fixed component ID
5724J0801
Applicable component levels
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSEQTJ","label":"IBM HTTP Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5"}]
Document Information
Modified date:
31 January 2021