IBM Holddata For UA97874 Impact CA Top Secret?

book

Article ID: 131485

calendar_today

Updated On:

Products

CA Top Secret CA Top Secret - LDAP

Issue/Introduction



IBM PTF UA97874 has the following HOLD data: 

HOLD(UA97874) SYS FMID(HCPT420) REASON(ACTION) DATE(18317) 

COMMENT 
(**************************************************************** 
* FUNCTION AFFECTED: z/OS System SSL (OA55998) * 
**************************************************************** 
* DESCRIPTION : RESTART * 
**************************************************************** 
* TIMING : POST APPLY * 
**************************************************************** 

To activate the code without an IPL do the following steps: 
1. Apply the fix. 
2. Issue a MODIFY LLA,REFRESH and wait for it to complete 
(CSV210I message). 
3. If using System SSL started task (GSKSRVR), stop and 
restart GSKSRVR. 

Or you can IPL the system to activate the changed code. 

*************************************************************** 
* FUNCTION AFFECTED: z/OS System SSL (OA54786) * 
**************************************************************** 
* DESCRIPTION : ACTION * 
**************************************************************** 
* TIMING : POST APPLY * 
**************************************************************** 

For any System SSL key database (KDB) file being used by your 
installation that was created by using either the System SSL 
gskkyman utility or certificate management services APIs, the 
KDB password should be changed. 

After changing the KDB password, if the prior password was 
saved in a stash file, the password will need to be save into 
the stash file again. 

Prior to changing the password review the System SSL 
applications using the KDBs and identify any configurations 
relying on the actual password and not the stash file. The 
changing of the password and configuration update should be 
done at the same time to ensure the KDB and configuration 
information remain in sync.). 

Does this impact CA Top Secret?

Environment

Release:
Component: TSSMVS

Resolution

Since there is no mention of RACF or external security and the System SSL key database (KDB) file is separate from the CA Top Secret VSAM file, we don't believe this impacts CA Top Secret.