eServer i/net
eServer home Webulator Commerce Server Web Server Net Print Merchant Support i/net home
 
Commerce/400
*Documentation
*PTFs
*Certificates
*Evaluation CD
*Security Paper

Commerce Server/400 PTFs

 

IMPORTANT NOTE: Web Server/400 version 1.3 PTFs are also applicable to Commerce Server/400 functionality and should be reviewed in addition to the PTFs listed here for their relevance in your environment.

Program Temporary Fixes (PTFs) for Commerce Server/400

General information about Program Temporary Fixes can be found at the links below:

The PTFs listed below address several Commerce Server/400 issues including the following:

The COM100001 PTF

The COM100001 PTF fixed the following Commerce Server/400 problem:

Performing the command ADDWWWCERT may return error 266 on some RISC AS/400s. Without this fix, Commerce Server/400 can only be run in non-secure mode on the affected models.

Keylist database files created with version 1.0a that were not converted correctly will not work with the fixed code. The certificate request and keylist files will have to be regenerated. Only a RISC version of this fix is available (since no problem exists on IMPI machines).

NOTE: This PTF has been integrated into the Commerce Server/400 1.0B product.

NOTE: This PTF has been superceeded by PTF COM100009.

The COM100002 PTF

The COM100002 PTF fixed the following Commerce Server/400 problems:

  1. Commerce Server/400 was not properly caching SSL sessions. The problem effected the following types of server/Webulator SSL requests when there is more than 1 RP running:
    1. Requests that involve multiple server hits (e.g., document containing IMG SRCs)
    2. Additional requests to the server within the session cache timeout value
    Since the session caching was not properly being shared between RPs it would cause each request to the server to go through the full SSL handshaking process which would add 2 to 10+ seconds processing time per request.
  2. Fixes a couple of problems that would cause RPs to remain in a TIMW status indefinitely. This problem occurred during either SSL handshaking or SSL shutdown when the browser did not send the expected data to the server.

The PTF also adds the base support that is needed for a soon to be released product called Merchant/400. Merchant/400 will give Commerce Server/400 customers the ability to process credit card transactions securely over the internet.

NOTE: This PTF has been integrated into the Commerce Server/400 1.0C product.

NOTE: This PTF has been superceeded by PTF COM100009.

The COM100003 PTF

*** IT IS HIGHLY RECOMMENDED THAT ALL COMMERCE SERVER/400 CUSTOMERS APPLY THIS PTF ****

This PTF contains all of the previous Commerce Server/400 PTFs, so this PTF should be applied and the others (COM100001, COM100002) have been removed from our FTP site.

This PTF fixes the following Commerce Server/400 problem:

The format of the certificates from Verisign changed, causing the ADDWWWCERT command to fail. This PTF corrects the problem for both customers that have certificates that could not be added and for customers who have not requested certificates yet.

This PTF also adds support for Verisign demo certificates.

NOTE: This PTF has been integrated into the Commerce Server/400 1.0C product.

NOTE: This PTF has been superceeded by PTF COM100009.


Verbose Description and Instructions:ftp.inetmi.com/pub/comserv/com100003.txt

The COM100004 PTF

This PTF fixes the following Commerce Server/400 problem:

This PTF includes a change to the CRTWWWKEY command that enables distinguished name values greater than 32 characters to be entered. COM100004 is only needed by customers whose Common Name, Organization, Organizational Unit, Locality, and/or State/Province is greater than 32 characters long.

This PTF contains all of the previous Commerce Server/400 PTFs.

NOTE: This PTF has been integrated into the Commerce Server/400 1.0D product.

NOTE: This PTF has been superceeded by PTF COM100009.


Verbose Description and Instructions:ftp.inetmi.com/pub/comserv/com100004.txt

The COM100005 PTF

This PTF fixes the following Commerce Server/400 problems:

  1. Fixed a potential SSL security exposure where, in theory, a hacker could possibly decrypt a single SSL session's data if the hacker saved a session's data and then made approximately 1 million probes to the server to generate information needed to decrypt the session's data. This attack would have to be repeated to decrypt another SSL session's data. Also note, this attack does not compromise the server's private key. For more information, please reference RSA's Web site.
  2. Fixes a problem where a request processor could get stuck in a TIMW status if a user canceled a request when the client and the server where in the middle of SSL handshaking.

This PTF contains all of the previous Commerce Server/400 PTFs.

NOTE: This PTF has been integrated into the Commerce Server/400 1.0D product.

NOTE: This PTF has been superceeded by PTF COM100009.


Verbose Description and Instructions:ftp.inetmi.com/pub/comserv/com100005.txt

The COM100006 PTF

This PTF fixes the following Commerce Server/400 problems:

  1. Domestic (U.S. and Canadian customers) version only fix
    Fixed a problem where an export (40-bit) browser could not access a domestic server using SSL. Known browsers encountering this problem are the export versions of Netscape Communicator 4.5 and Netscape Communicator 4.06. The browser would receive the following error when trying to access the server: "Netscape has encountered bad data from the server".
  2. Fixes a problem where a POST request that does not contain any request data (posted data) would receive a Network Error browser message instead of the expected script output.

This PTF contains all of the previous Commerce Server/400 PTFs.

NOTE: This PTF has been integrated into the Commerce Server/400 1.0D product.

NOTE: This PTF has been superceeded by PTF COM100009.


Verbose Description and Instructions:ftp.inetmi.com/pub/comserv/com100006.txt

The COM100007 PTF

This PTF fixes a problem caused by the previous PTF (COM100006) where users would intermittently receive Internal Server and/or Bad Request errors from the server. It is recommended that all customers install this PTF.

Full internal server error text:

The server encountered an unexpected event which prevented it from fulfilling your request. The error occurred in GET_LINE with a return code of 514.

This PTF contains all of the previous Commerce Server/400 PTFs.

NOTE: This PTF has been integrated into the Commerce Server/400 1.0D product.

NOTE: This PTF has been superceeded by PTF COM100009.

NOTE: The links below contain the exportable version of this PTF, which supports 56-bit encryption. If you are a domestic user wishing to incorporate full 128-bit encryption, you may obtain the domestic version by contacting I/NET Support.


Verbose Description and Instructions:ftp.inetmi.com/pub/comserv/com100007.txt

The COM100009 PTF

This PTF will is only supported under OS/400 versions V3R2, V3R7 and above.

As of January 1, 2000 Verisign will be changing the format of the certificates they issue. They will be issuing version 3 certificates instead of the current version 1 certificates. This PTF contains a new SSL implementation that supports version 3 certificates.

This PTF will also allow for the support or additional certificate authorities including, but not limited to AT&T, GTE, Keywitnes, Thawte, and USPS.

With this PTF you will be able to replace the certificate in a keylist file with a different one.

This PTF must be applied before you run the CRTWWWKEY command to start the process to request a new certificate.

It is recommended that all customers install this PTF.

As this is a new implementation of SSL there are a few parameters that will be ignored in the Commerce Server/400 commands.

CommandParameterDescription
CRTWWWKEYFORMATOnly *PKCS10 requests are generated
 WEEKSThis value is not placed in the request
ADDWWWROOTFORMATOnly *PKCS10 requests are imported

The format of the generated keylist file has changed. Along with the keylist file two additional files are generated. They have the same name as the keylist file, but have the extensions of CER and KEY and are created in the same directory as the keylist file. These three files must be copied, moved, and backed up as a set.

This PTF requires that Web Server/400 PTF WWW130029 be installed.

This PTF contains all of the previous Commerce Server/400 PTFs.

NOTE: This PTF has been integrated into the Commerce Server/400 1.0D product.

NOTE: The links below contain the exportable version of this PTF, which supports 56-bit encryption. If you are a domestic user wishing to incorporate full 128-bit encryption, you may obtain the domestic version by contacting I/NET Support.


IMPI EXPORT PTF file location:ftp.inetmi.com/pub/comserv/export/com100009.savf
RISC EXPORT PTF file location:ftp.inetmi.com/pub/comserv/export/com100009r.savf
Verbose Description and Instructions:ftp.inetmi.com/pub/comserv/com100009.txt

The COM100010 PTF

This PTF will is only supported under OS/400 versions V3R2, V3R7 and above.

This PTF requires that either Commerce Server/400 Version 1.0D is installed or PTF COM100009 be installed.

This PTF fixes a problem caused by PTF COM100009 where a server would not start when a large number of RPs were being started.

The following errors are being returned: WWW07D8, WWW07D7, WWW0805, and WWW0907.

NOTE: This PTF has been integrated into the Commerce Server/400 1.0E product.

NOTE: The links below contain the exportable version of this PTF, which supports 56-bit encryption. If you are a domestic user wishing to incorporate full 128-bit encryption, you may obtain the domestic version by contacting I/NET Support.


IMPI EXPORT PTF file location:ftp.inetmi.com/pub/comserv/export/com100010.savf
RISC EXPORT PTF file location:ftp.inetmi.com/pub/comserv/export/com100010r.savf
Verbose Description and Instructions:ftp.inetmi.com/pub/comserv/com100010.txt

 
^ Back to top