Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. FIX: Session Integrator in Host Integration Server 2010 may return an error message when it connects to a TN3270 SSL-enabled port on an IBM mainframe: "Server certificate check failed"

FIX: Session Integrator in Host Integration Server 2010 may return an error message when it connects to a TN3270 SSL-enabled port on an IBM mainframe: "Server certificate check failed"

View products that this article applies to.

Symptoms

Consider the following scenario:
  • You run an application that uses Session Integrator in Microsoft Host Integration Server 2010 to connect to an IBM mainframe by using the TN3270 service.
  • Session Integrator connects to TCP/IP port 992. This is the TN3270 port that supports Secure Sockets Layer (SSL).
  • The Session Integrator application is configured as CertificateCheck = TNCertificateCheck.None to indicate that the server certificate will not be verified.

In this scenario, if the certificate on the IBM mainframe is large, Session Integrator may return the following exception when it connects to the IBM mainframe system:
Microsoft.HostIntegration.SNA.Session.SessionException: Server certificate check failed

For example, this problem occurs when the certificate that is used for the TN3270 SSL connection is 4,000 bytes long. This problem does not occur when the certificate is 1,500 bytes long.

↑ Back to the top

Cause

This problem occurs because Session Integrator incorrectly reads the certificate data.

↑ Back to the top

Resolution

Cumulative update information

The fix that resolves this issue is included in cumulative update package 6 for Host Integration Server 2010. For more information about how to obtain the cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2752426 Cumulative update package 6 for Host Integration Server 2010

↑ Back to the top

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top

References

The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

↑ Back to the top

Keywords: kbqfe, kbfix, kbnotautohotfix, kbexpertiseinter, kbbug, kbsurveynew, kb

↑ Back to the top

Article Info
Article ID : 2782858
Revision : 1
Created on : 1/7/2017
Published on : 11/28/2012
Exists online : False
Views : 186