IBM Support

PI10766: USERS ARE UNABLE TO DISABLE DAEMON SSL

Fixes are available

7.0.0.33: WebSphere Application Server V7.0 Fix Pack 33
8.0.0.9: WebSphere Application Server V8.0 Fix Pack 9
8.5.5.3: WebSphere Application Server V8.5.5 Fix Pack 3
7.0.0.35: WebSphere Application Server V7.0 Fix Pack 35
8.5.5.4: WebSphere Application Server V8.5.5 Fix Pack 4
8.0.0.10: WebSphere Application Server V8.0 Fix Pack 10
7.0.0.37: WebSphere Application Server V7.0 Fix Pack 37
8.5.5.5: WebSphere Application Server V8.5.5 Fix Pack 5
8.5.5.6: WebSphere Application Server V8.5.5 Fix Pack 6
8.0.0.11: WebSphere Application Server V8.0 Fix Pack 11
8.5.5.7: WebSphere Application Server V8.5.5 Fix Pack 7
7.0.0.39: WebSphere Application Server V7.0 Fix Pack 39
8.5.5.8: WebSphere Application Server V8.5.5 Fix Pack 8
8.0.0.12: WebSphere Application Server V8.0 Fix Pack 12
8.5.5.9: WebSphere Application Server V8.5.5 Fix Pack 9
7.0.0.41: WebSphere Application Server V7.0 Fix Pack 41
8.5.5.10: WebSphere Application Server V8.5.5 Fix Pack 10
8.5.5.11: WebSphere Application Server V8.5.5 Fix Pack 11
8.0.0.13: WebSphere Application Server V8.0 Fix Pack 13
7.0.0.43: WebSphere Application Server V7.0 Fix Pack 43
8.5.5.12: WebSphere Application Server V8.5.5 Fix Pack 12
8.0.0.14: WebSphere Application Server V8.0 Fix Pack 14
8.5.5.13: WebSphere Application Server V8.5.5 Fix Pack 13
7.0.0.45: WebSphere Application Server V7.0 Fix Pack 45
8.0.0.15: WebSphere Application Server V8.0 Fix Pack 15
7.0.0.45: Java SDK 1.6 SR16 FP60 Cumulative Fix for WebSphere Application Server
7.0.0.35: Java SDK 1.6 SR16 FP1 Cumulative Fix for WebSphere Application Server
7.0.0.37: Java SDK 1.6 SR16 FP3 Cumulative Fix for WebSphere Application Server
7.0.0.39: Java SDK 1.6 SR16 FP7 Cumulative Fix for WebSphere Application Server
7.0.0.41: Java SDK 1.6 SR16 FP20 Cumulative Fix for WebSphere Application Server
7.0.0.43: Java SDK 1.6 SR16 FP41 Cumulative Fix for WebSphere Application Server
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
8.5.5.15: WebSphere Application Server V8.5.5 Fix Pack 15
8.5.5.14: WebSphere Application Server V8.5.5 Fix Pack 14
8.5.5.17: WebSphere Application Server V8.5.5 Fix Pack 17
8.5.5.20: WebSphere Application Server V8.5.5.20
8.5.5.18: WebSphere Application Server V8.5.5 Fix Pack 18
8.5.5.19: WebSphere Application Server V8.5.5 Fix Pack 19
8.5.5.16: WebSphere Application Server V8.5.5 Fix Pack 16
Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • The WebSphere InfoCenter documents two ways to disable Daemon
    SSL:
    
    1) Defining DAEMON_security_disable_daemon_ssl=TRUE
    2) Setting the SSL port to 0 with in the Admin Console or with
       the property DAEMON_protocol_iiop_daemon_port_ssl=0
    
    Neither setting works to disable Daemon SSL.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server V7.0, V8.0, and V8.5                 *
    ****************************************************************
    * PROBLEM DESCRIPTION: Setting property                        *
    *                      DAEMON_security_disable_daemon_ssl=TRUE *
    *                      fails to disable the z/OS Location      *
    *                      servers SSL port.                       *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    Our Infocenter indicates that property
    DAEMON_security_disable_daemon_ssl=TRUE can be set to disable
    the SSL port on the z/OS location server, or Daemon.
    

Problem conclusion

  • Code has been changed and the infocenter updated with
    information on how to disable the Daemon SSL port. Here is the
    change made to the infocenter:
    
    In order to turn off the daemon SSL port a cell-level WebSphere
    variable (DAEMON_security_disable_daemon_ssl)
    must be created and set to 1. The default for this variable is
    0.
    
    APAR PI10766 requires a change to documention.
    
    Note:  The following Version 7.0 modifications will be made to
    the Information Centers. To access the latest on-line
    documentation, go to the product library page at
    http://www.ibm.com/software/webservers/appserv/library and
    select the version and product that is appropriate for your
    WebSphere Application Server environment.
    
    The following Version 7.0 issue will be addressed:
    
    Problem: In topic, Daemon Secure Sockets Layer,
    the statement that the DAEMON_security_disable_daemon_ssl
    variable must be created and set to true, and that the default
    for this variable is false must be updated.
    
    Resolution: The fourth sentence in the first paragraph,
    in the topic Daemon Secure Sockets Layer will be
    
    updated to read:
    
    In order to turn off the daemon SSL port a cell-level WebSphere
    variable (DAEMON_security_disable_daemon_ssl)
    must be created and set to 1. The default for this variable is
    0.
    
    This update applies also to the V8.0, and  V8.5.5
    information centers.
    
    APAR PI10766 is currently targeted for inclusion in Fix Packs
    7.0.0.33, 8.0.0.9, and 8.5.5.3 of WebSphereApplication Server.
    Application Server.
    
    Please refer to URL:
    //www.ibm.com/support/docview.wss?rs=404&uid=swg27006970
    for Fix Pack availability.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI10766

  • Reported component name

    WEBSPHERE FOR Z

  • Reported component ID

    5655I3500

  • Reported release

    700

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-01-30

  • Closed date

    2014-03-13

  • Last modified date

    2014-07-01

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBSPHERE FOR Z

  • Fixed component ID

    5655I3500

Applicable component levels

  • R700 PSY UI18561

       UP14/06/21 P F406

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS7K4U","label":"WebSphere Application Server for z\/OS"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
12 January 2022