69690 - Connections to the SAS/CONNECT® spawner on SAS® 9.4M7 under z/OS fail when you use AES network encryption or AES encrypted credentials

Problem Note 69690: Connections to the SAS/CONNECT® spawner on SAS® 9.4M7 under z/OS fail when you use AES network encryption or AES encrypted credentials

Connections to SAS Spawners or SAS type servers on SAS 9.4M7 (TS1M7) under z/OS can fail in two ways when you have installed Hot Fix I8E009 and Hot Fix L1J001 and use AES.

Failure 1

When you connect to the SAS Spawner or SAS servers on SAS 9.4M7 on z/OS using an AES encrypted password, the credentials fail authentication with an error similar to the following if the encrypted password was created in SAS^® 9.4M6 (TS1M6) or earlier:

 ICSF function CSNBSYD at line 2406 failed with a return code of 8 and with a reason code of 2028 (0x7ec) 

 ICSF function CSNBSYD at line 2406 failed with a return code of 8 and with a reason code of 2028 (0x7ec)  

 Could not decode supplied password. 

Failure 2

When you connect to a SAS Spawner or SAS type server on SAS 9.4M7 under z/OS using AES network encryption, the verbose or enhanced logging shows messages similar to the following:

Encryption error -1 (0xffffffff) occurred in BSL_ExportSecretKey at line 1414.

cipherInheritKey: fetchContext for cxtx status=-2139099128 (0x807ff008)

cipherInheritKey: Exit, status=-2139099128 (0x807ff008)

serverThread: cannot inherit key from server

serverThread: posting status -2051026873 (0x85bfd047) to client thread

Cannot exchange the server's cipher with the server.

....

These errors occur due to Hot Fix I8E009 and Hot Fix L1J001 that are included in the container Hot Fix L1K001. These hot fixes are no longer available. If you applied these hot fixes, you can re-install SAS 9.4M7 on z/OS without Hot Fix I8E009 and Hot Fix L1J001.

Click the Hot Fix tab in this note to access the hot fix for this issue.

Operating System and Release Information

Product Family	Product	System	Product Release		SAS Release
			Reported	Fixed*	Reported	Fixed*
SAS System	Base SAS	z/OS	9.4_M7	9.4_M8	9.4 TS1M7	9.4 TS1M8
		z/OS 64-bit	9.4_M7	9.4_M8	9.4 TS1M7	9.4 TS1M8

* For software releases that are not yet generally available, the Fixed Release is the software release in which the problem is planned to be fixed.

Type:	Problem Note
Priority:	high

Date Modified:	2023-08-18 15:31:19
Date Created:	2022-11-15 19:47:05

Support

Problem Note 69690: Connections to the SAS/CONNECT® spawner on SAS® 9.4M7 under z/OS fail when you use AES network encryption or AES encrypted credentials

Failure 1

Failure 2

Operating System and Release Information