Problem

PeSIT SSL

CFT 3.2.x and higher from or to CFT 2.7.1, 3.0.1 or 3.1.3 versions

Random protocol error (e105s86 or e75s89)

Resolution

It is a bug when doing PeSIT SSL with CFT 3.2.x or higher and any of Transfer CFT 2.7.x, 3.0.x or 3.1.x

The issue itself is related to a bug with the PeSIT protocol CONCAT option when using SSL.

The receiver detect a 'false' protocol error related to the Concatenation in some condition.

That random issue has been identified and fixed in March 2017.

Ensure your CFT versions are upgraded to a SP of a higher date.

The fix is effective for version 3.0.1 in SP10 P4 and there is no issue with version 3.1.3 from the SP8:

Description: Some transfers randomly failed with a PeSIT protocol error (e105s86 or e75s89) when doing SSL exchanges with Transfer CFT v3.2.0 and higher. unexpectedly when under a certain attack process, using a lot of CPU resources. Comment : An error in PeSIT automate handling has been fixed and it solves this issue.

Note1: there is no fix for version 2.7.1 as this last was already end of support at time the issue has been discovered (when 3.2.0 was delivered). The Workaround below can be applied though.

Note2: As a workaround, you can change the the parameter xCHKW from the macro CFTPROT to 1. This value is negotiated between partners, the change can be done any-side.

Indeed, having an acknowledgment for each xPACING value may have an incidence on the overall performances. To overcome this possible issue, the checkpoint interval (SPACING & RPACING) can be set to a higher value.