Answer
FixCentral uses Encrypted downloads.
Customers using FixCentral to download fixes are unaffected, because as the announcement states, Fix Central uses encrypted downloads already.
SNDPTFORD is the primary concern.
Customers that use SNDPTFORD may be affected, depending on their version of IBM i. This document is intended so that you may easily verify that your system is using encryption with SNDPTFORD.
IBM i 7.1
IBM i 7.1 is no longer supported and no further PTFs are being created for it. SNDPTFORD at IBM i 7.1 will not work with encryption and customers need to use FixCentral instead.
IBM i 7.2
At IBM i 7.2, you must both update your Electronic Service Agent (ESA) and Electronic Customer Support (ECS) configuration to use the new EDGE servers and enable encrypted communications over port 443. The steps to make this configuration change are provided in the document Electronic Service Agent (ESA) and Electronic Customer Support (ECS) VPN and HTTP Firewall Settings under the section Resolving the Problem > V7R2. Once this change has been made, apply the fixing PTF SI79293 or its supersede. APAR SE69832 explains that this PTF was needed to include the latest ECC Common Client release (2.3.2).
IBM i 7.3
For IBM i 7.3, APAR SE69832 explains that new PTFs were needed to include the latest ECC Common Client release (2.3.2). This new release “provides high speed download support using port 443. This will eliminate the need for port 80 for SNDPTFORD and all other ECC electronic support.” The PTF that provides this updated ECC version for 7.3 is SI68172. Once it or a superseding PTF are applied, SNDPTFORD will use encryption during downloads.
IBM i 7.4 and 7.5
IBM i 7.4 and 7.5 already ship with an updated version of the ECC Common Client, so no PTFs for SNDPTFORD are necessary.
The only other area of concern are users using custom APIs
The only other area of concern regarding this situation were a small number of customers that are known to be using APIs to directly download fixes from IBM and bypass FixCentral. Some of those systems were using unencrypted file transfer, and that will not be supported.
[{“Type”:”MASTER”,”Line of Business”:{“code”:”LOB57″,”label”:”Power”},”Business Unit”:{“code”:”BU058″,”label”:”IBM Infrastructure w/TPS”},”Product”:{“code”:”SWG60″,”label”:”IBM i – SWG60″},”ARM Category”:[{“code”:”a8m0z000000cwp6AAA”,”label”:”Save Restore”}],”ARM Case Number”:”TS011956161″,”Platform”:[{“code”:”PF012″,”label”:”IBM i”}],”Version”:”7.1.0;7.2.0;7.3.0;7.4.0;7.5.0″}]
