|
Problem IT46888
|
Status: Closed |
INVALID CIPHER USED TO COMMUNICATE WITH OLDER VERSION OF INFORMIX SERVER WITH ONSOCSSL
|
| product: |
IBM CSDK / 5724C2381 / 450 - CSDK 4.50 |
| Problem description: |
The format of SSL keystores has changed starting with IBM GSKit
8.0.55.28 and vulnerable ciphers have been removed.
This change leaves TLS 1.1 without any supported ciphers.
When attempting to connect to older servers (i.e. using older
versions of IBM GSKit), the following error is thrown:
28014: Secure Sockets Layer error: cannot initialize GSKit
secure socket/GSK_ERROR_BAD_PEER (GSKit:415)
Likewise, connecting from an older server to a server running
IBM GSKit 8.0.55.31 or later will produce the same results. |
| Problem Summary: |
****************************************************************
* USERS AFFECTED: *
* Users of Informix Client SDK prior to 4.50.xC11W1. *
****************************************************************
* PROBLEM DESCRIPTION: *
* See Error Description *
****************************************************************
* RECOMMENDATION: *
* Upgrade to Informix Client SDK 4.50.xC11W1. *
**************************************************************** |
| Local Fix: |
|
| Solution |
|
| Workaround |
****************************************************************
* USERS AFFECTED: *
* Users of Informix Client SDK prior to 4.50.xC11W1. *
****************************************************************
* PROBLEM DESCRIPTION: *
* See Error Description *
****************************************************************
* RECOMMENDATION: *
* Upgrade to Informix Client SDK 4.50.xC11W1. *
**************************************************************** |
| Comment |
Fixed in Informix Client SDK 4.50.xC11W1. |
| Timestamps |
Date - problem reported :
Date - problem closed :
Date - last modified :
| 13.09.2024
25.10.2024
25.10.2024 |
| Problem solved at the following versions (IBM BugInfos) |
|
| Problem solved according to the fixlist(s) of the following version(s) |
