IBM Support

PH50480: IBM DEVELOPER FOR Z - AT-TLS Z/OS EXPLORER IVP DAEMON UNSUCCESSFUL, WHILE Z/OS EXPLORER CLIENT CONNECTION WORKS

A fix is available

Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • In IDz v15.0.5 User enabled AT-TLS encryption ran the IVP's, but
the IVP Daemon is unsuccessful.  Executing the IVP ISPF and
PASSTICKET were successful.

IVP DAEMON,XXXXXX, command entered
Invoking fekfdivp by user id, XXXXXX
Check attls policy:false,-1:-1:checkATTLS SIOCTTLSCTL ioctl
error, rc -1, errno 1124(EDC8124I Socket not connected.), errno2
0x08 AT-TLS protection validation fails: -1:-1:checkATTLS
SIOCTTLSCTL ioctl error, rc -1, errno 1124(EDC8124I Socket not
con

Workaround:
None

Local fix

  • NA

Problem summary

  • ****************************************************************
* USERS AFFECTED: 1. All users running Daemon Operator         *
*                 command IVP DAEMON                           *
****************************************************************
* PROBLEM DESCRIPTION: 1. The gsk ssl client socket created    *
*                      by the tools is required to import      *
*                      the trusted server certificate in       *
*                      the connection with Daemon through      *
*                      AT-TLS layer in the test. Daemon        *
*                      non-SSL mode setting prevent the        *
*                      tool from configuring the client ssl    *
*                      socket properly, causing the failure    *
*                      of the test.                            *
****************************************************************
1. The client socket should be configured with gsk ssl and
attached with the trusted server certificate when Daemon is on
AT-TLS mode.

Problem conclusion

  • 1. Have the client socket to detect AT-TLS mode of Daemon.
Specify the key ring in daemon_keydb_file parameter for the
tool to access and uses in ssl configuration of its client
socket.

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    PH50480
    • 

  • Reported component name
    Z/OS EXPLORER E
    • 

  • Reported component ID
    5724T0723
    • 

  • Reported release
    320
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2022-10-27
    • 

  • Closed date
    2022-11-10
    • 

  • Last modified date
    2022-12-01
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    
PH50818
    

    • 



Modules/Macros


    

  • FEJENF70 FEJJCNFG FEJJJCL  FEJJMON  FEJTSO   FEK1SMPE FEK2RCVE
FEK3ALOC FEK4ZFS  FEK5MKD  FEK6DDEF FEK7APLY FEK8ACPT FEK@CERR
FEK@CONE FEK@CONF FEK@CUST FEK@DEB  FEK@DESC FEK@FLOW FEK@GEN
FEK@GENW FEK@ISPF FEK@IVP  FEK@IVPD FEK@IVPW FEK@JCN1 FEK@JCNE
FEK@JESJ FEK@MAIN FEK@MIGO FEK@OPTE FEK@OPTG FEK@OPTN FEK@PRIM
FEK@RSE1 FEK@RSEO FEK@STRT FEK@TAB1 FEK@TAB2 FEK@TAB3 FEK@WRK1
FEK@WRK2 FEK@WRK3 FEK@WRK4 FEK@WRK5 FEKAPPCC FEKAPPCL FEKAPPCX
FEKATTR  FEKDSI   FEKEESX0 FEKFASIZ FEKFATT1 FEKFBLD  FEKFCIPH
FEKFCLIE FEKFCMOD FEKFCMPR FEKFCMSG FEKFCOMM FEKFCOPY FEKFCOR6
FEKFCORE FEKFDBG  FEKFDBG6 FEKFDBGM FEKFDIR  FEKFDIR6 FEKFDIVP
FEKFDST0 FEKFDST1 FEKFDST2 FEKFENVF FEKFENVI FEKFENVP FEKFENVR
FEKFENVS FEKFEPL  FEKFERRF FEKFGDGE FEKFICUL FEKFISPF FEKFIVP0
FEKFIVPA FEKFIVPD FEKFIVPI FEKFIVPJ FEKFIVPT FEKFJESM FEKFJESU
FEKFJLIC FEKFJSON FEKFJVM  FEKFLATR FEKFLDSI FEKFLDSL FEKFLEOP
FEKFLOGS FEKFLPTH FEKFMAI6 FEKFMAIN FEKFMINE FEKFMNTL FEKFNTCE
FEKFOMVS FEKFPATT FEKFPLUG FEKFPTC  FEKFRIVP FEKFRMSG FEKFRSES
FEKFRSRV FEKFSCMD FEKFSEND FEKFSSL  FEKFSTUP FEKFT000 FEKFT001
FEKFT002 FEKFT003 FEKFT004 FEKFT005 FEKFT006 FEKFT007 FEKFT008
FEKFT009 FEKFT010 FEKFT011 FEKFT012 FEKFT013 FEKFT014 FEKFT015
FEKFT016 FEKFT017 FEKFT018 FEKFT019 FEKFT020 FEKFT021 FEKFT022
FEKFT023 FEKFT024 FEKFT025 FEKFTIVP FEKFTSO  FEKFUTIL FEKFVERS
FEKFXITA FEKFXITL FEKFZOS  FEKHCONF FEKHCUST FEKHDEB  FEKHDESC
FEKHFLOW FEKHGEN  FEKHISPF FEKHIVP  FEKHIVPD FEKHJESJ FEKHMAIN
FEKHMIGO FEKHOPTE FEKHOPTN FEKHPRIM FEKHRSE1 FEKHRSEO FEKHSTRT
FEKHTAB1 FEKHTAB2 FEKINIT  FEKKEYS  FEKLOCKA FEKLOGR  FEKLOGS
FEKM00   FEKM01   FEKM02   FEKMKDIR FEKMOUNT FEKMSGC  FEKMSGS
FEKRACF  FEKRSED  FEKSAPF  FEKSAPPL FEKSBPX  FEKSCLAS FEKSCLOG
FEKSCMD  FEKSCPYM FEKSCPYU FEKSDSN  FEKSENV  FEKSETUP FEKSISPF
FEKSJCFG FEKSJCMD FEKSJMON FEKSLPA  FEKSPROG FEKSPTKT FEKSRSED
FEKSSERV FEKSSTC  FEKSSU   FEKSUSER FEKXCFGE FEKXCFGI FEKXCFGM
FEKXCFGT FEKXMAIN FEKXML   HUHFCOR6 HUHFCORE

    



Fix information


    

  • Fixed component name
    EXP FOR Z/OS HO
    • 

  • Fixed component ID
    5655EXP23
    • 



Applicable component levels


    

  • R320  PSY  UI83251
       UP22/11/22  P  F211
    • 



Fix is available


    

  • Select the PTF appropriate for your component level.
You will be required to sign in. Distribution on physical
media is not available in all countries.
    








      
              
                            

              

              [{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSBDYH","label":"IBM Explorer for z\/OS"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"320","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
              

                          

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            01 December 2022
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback