Difference between revisions of "E-Business Server:Cannot disable USEICSF"

From SDS
Jump to navigation Jump to search
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
 +
 +
 +
 +
 +
 
== Cannot disable USEICSF ==
 
== Cannot disable USEICSF ==
  
Line 8: Line 13:
 
IBM z/OS<br />
 
IBM z/OS<br />
 
IBM USS<br />
 
IBM USS<br />
 +
  
 
'''Problem'''
 
'''Problem'''

Latest revision as of 10:44, 21 October 2019



Cannot disable USEICSF

Technical Articles ID: SDSKB2


Environment E-Business Server 7.x
IBM z/OS
IBM USS


Problem

Integrated Cryptographic Service Facility (ICSF) is used even after USEICSF=NO is coded in the config file.

NOTE: You can use ICSF only if it is available on your computer.


Solution

Upgrade to 7.7.0 or higher. USEICSF is deprecated as of release 7.7.0, and is replaced by ICSFENCRYPT for data encryption and ICSFRANDOM for random number generation. The default action is to enable both.

Note that prior to 7.7, USEICSF =ON / OFF was used to determine whether entropy is automatically generated for key creation AND the use of ICSF for 3DES data encryption. The latter function should have been disabled by USEICSF = NO, but it was not. In 7.7 the two features are controlled separately, and the controls work for both.