You are currently offline, waiting for your internet to reconnect

FIX: Session Integrator in Host Integration Server 2010 may return an error message when it connects to a TN3270 SSL-enabled port on an IBM mainframe: "Server certificate check failed"

Consider the following scenario:
  • You run an application that uses Session Integrator in Microsoft Host Integration Server 2010 to connect to an IBM mainframe by using the TN3270 service.
  • Session Integrator connects to TCP/IP port 992. This is the TN3270 port that supports Secure Sockets Layer (SSL).
  • The Session Integrator application is configured as CertificateCheck = TNCertificateCheck.None to indicate that the server certificate will not be verified.

In this scenario, if the certificate on the IBM mainframe is large, Session Integrator may return the following exception when it connects to the IBM mainframe system:
Microsoft.HostIntegration.SNA.Session.SessionException: Server certificate check failed

For example, this problem occurs when the certificate that is used for the TN3270 SSL connection is 4,000 bytes long. This problem does not occur when the certificate is 1,500 bytes long.
This problem occurs because Session Integrator incorrectly reads the certificate data.

Cumulative update information

The fix that resolves this issue is included in cumulative update package 6 for Host Integration Server 2010. For more information about how to obtain the cumulative update package, click the following article number to view the article in the Microsoft Knowledge Base:
2752426 Cumulative update package 6 for Host Integration Server 2010

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.
The third-party products that this article discusses are manufactured by companies that are independent of Microsoft. Microsoft makes no warranty, implied or otherwise, about the performance or reliability of these products.

Article ID: 2782858 - Last Review: 11/28/2012 23:31:00 - Revision: 1.0

Microsoft Host Integration Server 2010

  • kbqfe kbfix kbexpertiseinter kbbug kbsurveynew KB2782858