A fix is available
APAR status
Closed as program error.
Error description
You get error message DFHAM4928E Install of URIMAP failed because the specified certificate is not owned by this CICS. The real reason this message is being issued is because you are missing the private key for the certificate. Additional Keywords: KIXREVxxx
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: ALL CICS Users. * **************************************************************** * PROBLEM DESCRIPTION: DFHAM4928 gives a misleading * * description of the error if the * * certificate does not have a private * * key. * **************************************************************** * RECOMMENDATION: * **************************************************************** When a URIMAP is installed using SSL with client authentication but the certificate specified does not have a private key, msgDFHAM4928 gives wrong description of the error indicating that the certificate is not owned by CICS.
Problem conclusion
DFHMEAME and MFHMEAME have been changed to give the correct message for a URIMAP installed using a certificate without a private key. The CICS Transaction Server for z/OS Messages and Codes Version 3 Release 2 GC34-6827-03 has been altered to change the explanatory insert 'not owned by this CICS' to 'does not have a private key' in message DFHAM4928E as follows: DFHAM4928E applid Install of {TCPIPSERVICE |CORBASERVER | IPCONN | URIMAP} resourcename failed because the specified certificate {is expired | is not yet current | does not have a private key | is not trusted}. Explanation: Resource resourcename cannot be installed because the specified certificate is unusable. An explanatory phrase in the message describes why is expired The date and time at which the certificate is no longer valid has already passed. is not yet current The date and time at which the certificate is to become active has not yet been reached. does not have a private key The specified certificate does not have a private key. SSL with client authentication is only possible if you possess the private key associated with the certificate. is not trusted The certificate has been given the NOTRUST attribute by the security administrator. This indicates that the certificate is not to be used. System action: The resource is not installed. User response: Replace the certificate in the keyring with one that is usable, or specify a different certificate. Module: DFHAMP XMEOUT Parameters: applid, {7=TCPIPSERVICE, 8=CORBASERVER, 9=IPCONN,10=URIMAP}, resourcename, {1=is expired, 2=is not yet current, 3=does not have a private key, 4=is not trusted} Destination: Console and Terminal End User
Temporary fix
FIX AVAILABLE BY PTF ONLY
Comments
APAR Information
APAR number
PM34853
Reported component name
CICSTS V3 Z/OS
Reported component ID
5655M1500
Reported release
500
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2011-03-15
Closed date
2011-05-17
Last modified date
2011-06-01
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
PM35536 UK67846
Modules/Macros
DFHMEAMC DFHMEAME DFHMEAMK DFH34853
GC34682703 |
Fix information
Fixed component name
CICSTS V3 Z/OS
Fixed component ID
5655M1500
Applicable component levels
R500 PSY UK67846
UP11/05/21 P F105
Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSGMGV","label":"CICS Transaction Server"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}},{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SG19M","label":"APARs - z\/OS environment"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"3.2","Edition":"","Line of Business":{"code":"","label":""}}]
Document Information
Modified date:
01 June 2011