Fixes are available
PK53584; 2.0.47.1: IBM HTTP Server 2.0.47 Cumulative Interim Fix
6.1.0.7: WebSphere Application Server V6.1 Fix Pack 7 for Solaris
6.1.0.7: WebSphere Application Server V6.1 Fix Pack 7 for HP-UX
6.1.0.7: WebSphere Application Server V6.1 Fix Pack 7 for Linux
PK65782; 2.0.47.1: IBM HTTP Server V2.0.47 Cumulative Interim Fix
6.1.0.7: WebSphere Application Server V6.1 Fix Pack 7 for Windows
6.1.0.7 WebSphere Application Server V6.1 Fix Pack 7 for AIX
6.1.0.7: WebSphere Application Server V6.1 Fix Pack 7 for i5/OS
Java SDK 1.5 SR8 Cumulative Fix for WebSphere Application Server
Java SDK 1.5 SR8 Cumulative Fix for WebSphere Application Server
Java SDK 1.5 SR10 Cumulative Fix for WebSphere Application Server
6.1.0.31: Java SDK 1.5 SR11 FP1 Cumulative Fix for WebSphere Application Server
6.1.0.33: Java SDK 1.5 SR12 FP1 Cumulative Fix for WebSphere
6.1.0.29: Java SDK 1.5 SR11 Cumulative Fix for WebSphere Application Server
6.1.0.35: Java SDK 1.5 SR12 FP2 Cumulative Fix for WebSphere
6.1.0.37: Java SDK 1.5 SR12 FP3 Cumulative Fix for WebSphere
6.1.0.39: Java SDK 1.5 SR12 FP4 Cumulative Fix for WebSphere Application Server
6.1.0.41: Java SDK 1.5 SR12 FP5 Cumulative Fix for WebSphere Application Server
6.1.0.43: Java SDK 1.5 SR13 Cumulative Fix for WebSphere Application Server
6.1.0.45: Java SDK 1.5 SR14 Cumulative Fix for WebSphere Application Server
6.1.0.47: WebSphere Application Server V6.1 Fix Pack 47
6.1.0.47: Java SDK 1.5 SR16 Cumulative Fix for WebSphere Application Server
6.1.0.9: WebSphere Application Server V6.1 Fix Pack 9 for Solaris
APAR status
Closed as program error.
Error description
SSL VirtualHosts unable to perform SSLV3 handshake when KeyFile directive has been specified with an invalid parameter in the last VirtualHost occuring in httpd.conf
Local fix
Problem summary
mod_ibm_ssl uses a GSKit environment created for the last SSL-enabled virtual host in order to retrieve the default cipher list from the security library. Some types of configuration errors can prevent the last SSL- enabled virtual host from initializing properly, which prevents the default cipher list from being retrieved. An example of such a configuration error is when the KeyFile directive specifies an invalid filename.
Problem conclusion
If a configuration error prevents the last SSL-enabled virtual host from initializing, thus preventing security library defaults to be retrieved from that SSL environment, then the published security library default ciphers will be used instead when no SSLCipherSpec directives have been given. This change is targeted for 6.1.0.7 6.0.2.19 Cumulative e-fix PK53584 for 2.0.47.1
Temporary fix
Comments
APAR Information
APAR number
PK33253
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
60A
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2006-10-19
Closed date
2007-01-18
Last modified date
2007-10-25
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
IBMSSL
Fix information
Fixed component name
IBM HTTP SERVER
Fixed component ID
5724J0801
Applicable component levels
R60A PSN
UP
R60H PSN
UP
R60I PSN
UP
R60P PSN
UP
R60S PSN
UP
R60W PSN
UP
R60Z PSN
UP
R61A PSN
UP
R61H PSN
UP
R61I PSN
UP
R61P PSN
UP
R61S PSN
UP
R61W PSN
UP
R61Z PSN
UP
Document Information
Modified date:
07 September 2022