WebSphere Process Server messages     Operating Systems: All supported

CWPKI

CWPKI0001I: SSL service is initializing the configuration
Problem SSL service is initializing the configuration.
User response None. Informational only
CWPKI0002I: SSL service initialization completed successfully
Problem SSL service initialization completed successfully..
User response None. Informational only
CWPKI0003I: SSL service is starting
Problem SSL service is starting.
User response None. Informational only
CWPKI0004I: SSL service started successfully
Problem SSL service started.
User response None. Informational only
CWPKI0005I: SSL service initialization failed
Problem SSL service initialization failed
User response None. Informational only
CWPKI0006E: Error creating or registering {0} mBean. The exception is {1}
Problem An unexpected exception occurred when trying to create or register an mBean.
User response There may be a problem with the configuration. The exception may include details.
CWPKI0007I: SSL service failed to start successfully
Problem SSL service did not start.
User response None. Informational only
CWPKI0008E: Error during SSL initialization. The exception is {0}.
Problem An unexpected error occurred during security initialization.
User response This is a general error. Look for previous messages that may be related to the failure or a configuration problem. Enabling SSL=all=enabled debug trace may yield additional information.
CWPKI0009E: Cannot create security object during initialization.
Problem Cannot create the security object from repository. Internal Error.
User response The security.xml might be corrupted or missing. Contact your service representative.
CWPKI0010E: Cannot obtain the WAS process type during initialization.
Problem This exception is unexpected. The cause is not immediately known.
User response If the problem persists, see problem determination information on the WebSphere Application Server Support page at http://www.ibm.com/software/webservers/appserv/was/support/.
CWPKI0011E: Failed to load {0} resource from cell. The exception is {1}
Problem The specified resource could not be loaded due to an exception.
User response The failure may be related to a configuration problem related to the resource.
CWPKI0012I: FIPS is enabled.
Problem The server is running in FIPS mode, using the IBMJCEFIPS provider.
User response No user action is required.
CWPKI0013W: FIPS is enabled but the IBMJCEFIPS provider is not active in the java.security file. To ensure FIPS algorithms usage for all WAS process types, uncomment the IBMJCEFIPS provider in the java.security file, ahead of the IBMJCE, and renumber the provider list in sequential order.
Problem When the server is running in FIPS mode the IBMJCEFIPS provider should be in the java.security file.
User response The java.security file needs to be changed to include the IBMJCEFIPS provider in the provider list before the IBMJCE provider.
CWPKI0014I: The SSL component''s FFDC Diagnostic Module {0} registered successfully: {1}.
Problem Describes whether or not the SSL component's FFDC Diagnostic module was successfully registered.
User response None. Informational only.
CWPKI0015E: Error stopping SSL component. The exception is {0}.
Problem An unexpected error occurred stopping the SSL component.
User response This is a general error. Look for previous messages that may be related to the failure or a configuration problem. Enabling SSL=all=enabled debug trace may yield additional information.
CWPKI0016W: The certificate with alias {0} from keyStore {1} will be expired in {2} days.
Problem A certificate is about to expire in the keystore.
User response Open the keystore and validate the expiration dates on all certificates in the keystore. Prepare to generate new certificates, if necessary.
CWPKI0017E: The certificate with alias {1} from keyStore {2} is expired.
Problem A certificate is expired in the keystore.
User response Open the keystore and validate the expiration dates on all certificates in the keystore. Remove any expired certs.
CWPKI0018W: The keystore type of {0} is not valid for SSL config alias {1}.
Problem The keystore type configured is not correct.
User response Change the keystore type in the SSL configuration.
CWPKI0019E: Error parsing the SSL client configuration file {0}. The error returned is {1}.
Problem There may be a problem with the syntax of the ssl.client.props file or the location of the file is invalid.
User response Review the error returned and check the syntax and location of the ssl.client.props file.
CWPKI0020E: Error loading custom trust manager class {0}. The exception message is {1}.
Problem A class loading error occurred loading the custom trust manager configured.
User response Ensure the class can be found in the environment.
CWPKI0021E: Error loading custom key manager class {0}. The exception message is {1}.
Problem A class loading error occurred loading the custom key manager configured.
User response Ensure the class can be found in the environment.
CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN "{0}" was sent from target host:port "{1}". The signer may need to be added to local trust store "{2}" located in SSL configuration alias "{3}" loaded from SSL configuration file "{4}". The extended error message from the SSL handshake exception is: "{5}".
Problem An error occurred during the SSL handshake. It may require a signer export/import from the target host to the client TrustStore.
User response Review the extended error message coming from the TrustManager to help determine what needs to change between the target SSL configuration and the client SSL configuration.
CWPKI0023E: The certificate alias "{0}" specified by the property com.ibm.ssl.keyStoreClientAlias is not found in KeyStore "{1}".
Problem The certificate alias specified for this SSL configuration is not in the specified KeyStore.
User response Either add a certificate into the KeyStore with the specified certificate alias or change the specified certificate alias to match an alias found in the client KeyStore.
CWPKI0024E: The certificate alias "{0}" specified by the property com.ibm.ssl.keyStoreServerAlias is not found in KeyStore "{1}".
Problem The certificate alias specified for this SSL configuration is not in the specified KeyStore.
User response Either add a certificate into the KeyStore with the specified certificate alias or change the specified certificate alias to match an alias found in the server KeyStore.
CWPKI0025E: Could not load the https Handler class "{0}". The extended error message is {1}.
Problem There was a classloading error trying to load the HTTPS URLStreamHandler class.
User response Check the SSL configuration to ensure the context provider is correct for the platform.
CWPKI0026E: Error reinitializing the SSL configuration after a change to security.xml. The extended error message is "{0}".
Problem An exception occurred reading the SSL configurations from the security.xml after a change occurred.
User response Review the exception message text and verify the SSL configuration parameters are valid.
CWPKI0027I: Disabling default hostname verification for HTTPS URL connections.
Problem Hostname verification will be disabled by default for URL connections. Hostname verification checks that the X509 Certificate Common Name (CN) matches the hostname it is from.
User response To enable default JSSE URL hostname verification, set the com.ibm.ssl.performURLHostNameVerification property to true.
CWPKI0028E: SSL handshake protocol "{0}" is not valid. This protocol is specified in the SSL configuration alias "{1}" loaded from SSL configuration file "{2}". The extended error message is: "{3}".
Problem The handshake protocol specified is not recognized as a valid handshake protocol.
User response Check the SSL configuration to ensure the right handshake protocol is specified.
CWPKI0029E: SSL context provider "{0}" is not valid. This provider is specified in the SSL configuration alias "{1}" loaded from SSL configuration file "{2}". The extended error message is: "{3}".
Problem The SSL context provider specified is not recognized as a valid context provider.
User response Check the SSL configuration to ensure the correct SSL context provider is specified.
CWPKI0030E: Error occurred exchanging signers between cell and node. The exception that occurred is: {0}.
Problem The DefaultKeyStores between cell and node will have exchange signers with corresponding DefaultTrustStores. An error occurred during this process.
User response A manual signer exchange may need to take place.
CWPKI0031E: Error creating a client keystore or truststore during initialization. The exception that occurred is: {0}.
Problem An error occurred while creating the file-based keystore or truststore during process initialization. Check that the keystore or truststore settings are valid.
User response Verify the keystore or truststore settings in the ssl.client.props.
CWPKI0032E: Error creating a self-signed certificate. The exception that occurred is: {0}.
Problem An error occurred while creating a self-signed certificate during process startup.
User response Check that the default self-signed certificate property values (com.ibm.ssl.defaultCertReq*) are valid.
CWPKI0033E: The keystore located at "{0}" failed to load due to the following error: {1}.
Problem An error occurred while creating or opening the keystore.
User response Check that the properties in the keystore configuration and ensure the keystore exists.
CWPKI0034E: Schedule "{0}" could not be initialized because of the following error: "{1}".
Problem An error occurred initializing the schedule.
User response Check that the properties for the scheduler are valid. Ensure the /etc directory is writable.
CWPKI0035E: Schedule "{0}" could not read the next scheduled date. Initializing alarm for the following date: {1}.
Problem An error occurred reading the date from the schedule file in /etc.
User response Ensure the /etc directory is writable or the file has not been modified.
CWPKI0036E: Error sending email to "{0}" using smtp server "{1}". The exception message is: "{2}".
Problem An error occuring sending email to the specified SMTP server.
User response Ensure the SMTP server specified is valid and that your companies firewall policy allows sending to SMTP ports.
CWPKI0037I: Expiration monitor reports the following information: {0}.
Problem This is information regarding certificate expiration.
User response May need to manage certificates to resolve the reported problems.
CWPKI0038E: Expiration monitor failed to start with the following error: {0}.
Problem A problem occurred starting the expiration monitor command task.
User response Try starting the expiration monitor explicitly to determine more information about the error.
CWPKI0039E: Cannot find Node connector properties for the hostname {0} in the hostlist for keystore {1}.
Problem Make sure the hostname entered is in the canonical format as it appears in serverindex.xml.
User response Edit the hostlist to convert it to the proper canonical format.
CWPKI0040I: An SSL handshake failure occurred from a secure client. The server's SSL signer has to be added to the client's trust store. A retrieveSigners utility is provided to download signers from the server but requires administrative permission. Check with your administrator to have this utility run to setup the secure enviroment before running the client. Alternatively, the com.ibm.ssl.enableSignerExchangePrompt can be enabled in ssl.client.props for "DefaultSSLSettings" in order to allow acceptance of the signer during the connection attempt.
Problem This message is for providing options for the client to retrieve signers needed for a successful SSL connection.
User response Either run retrieveSigners or enable the signer exchange prompt to correct the problem.
CWPKI0041W: One or more key stores are using the default password.
Problem Default key store passwords should be changed when possible.
User response Change all key store passwords either using AdminConsole or IKeyMan.
CWPKI0200E: An attempt to generate keys using KeySet {0} occurred when the KeySet is not configured to generate keys. The detailed message is: {1}.
Problem The KeySet either does not have a keyGenerationClass defined, it cannot find the keyGenerationClass, a read-only KeyStore is associated with the KeySet, or the KeyStore does not allow the writing of secret keys.
User response Modify the configuration so a proper keyGenerationClass is configured and a KeyStore type is configured with allows the writing of secret keys.
CWPKI0201E: Error retrieving key alias {0} from KeySet {1}. The exception that occurred is: {2}.
Problem An error occurred while retrieving keys from the KeyStore for the specified KeySet.
User response Check that the KeySet configuration is correct.
CWPKI0202E: An error occurred trying to instantiate the key generation class {0} configured in KeySet {1}. The detailed message is: {2}.
Problem Either the runtime could not find the key generation class configured for the KeySet or the class does not implement com.ibm.websphere.crypto.KeyGenerator or com.ibm.websphere.crypto.KeyPairGenerator.
User response Check to ensure the key generation class configured is specified in a location which can be found by the WebSphere runtime. Check the InfoCenter on where to specify custom classes for the runtime to find them.
CWPKI0203E: An attempt to import keys to KeySet {0} failed. The detailed message is: {1}.
Problem The keys passed in may not have been correctly formed or the keystore could not be accessed to store them.
User response Attempt to determine the cause based on the exception and adjust the configuration as needed.
CWPKI0204E: An error occurred during a scheduled key generation for KeySetGroup {0}. The detailed error message is: {1}.
Problem A problem occurred while a new key reference was created for the KeySetGroup specified. After the key reference was created in the configuration the key was generated. One of these steps failed.
User response Attempt to determine the cause based on the exception and adjust the configuration as needed.
CWPKI0300I: Use the -listRemoteKeyStoreNames and -listLocalKeyStoreNames options to get list of names for <remoteKeyStoreName> and <localKeyStoreName>, respectively. Usage: retrieveSigners <remoteKeyStoreName> <localKeyStoreName> [options] options: [-profileName <profileName>] [-remoteAlias <aliasFromRemoteStore>] [-localAlias <storeAsAlias>] [-listRemoteKeyStoreNames] [-listLocalKeyStoreNames] [-autoAcceptBootstrapSigner] [-uploadSigners] [-host <host>] [-port <port>] [-conntype <RMI|SOAP>] [-user <user>] [-password <password>] [-trace] [-logfile <filename>] [-replacelog] [-quiet] [-help]
Problem Usage information on the parameters for executing this script.
User response None.
CWPKI0301I: Trace mode is on.
Problem Indicates trace mode is on.
User response None.
CWPKI0302E: Cannot write to the trace logfile at the following location: {0}
Problem Indicates there's a problem writing to the specified logfile.
User response Change the logfile path or make sure the file specified is not in use.
CWPKI0303I: Trace is being logged to the following location: {0}
Problem Indicates where the mode is being logged.
User response None.
CWPKI0304E: The <remoteKeyStoreName> specified as "{0}" was not found on the server.
Problem The remote truststore is not found.
User response Try issuing -listRemoteKeyStoreNames command to get the list of names.
CWPKI0305E: The <aliasFromRemoteStore> specified as "{0}" was not found in truststore "{1}" on the server.
Problem The alias specified was not found in the truststore.
User response Try issuing -listRemoteKeyStoreNames command to get the list of names.
CWPKI0306I: The following remote keystores exist on the specified server: {0}
Problem Indicates a list of the remote keystores.
User response None.
CWPKI0307I: The following local keystores exist on the client: {0}
Problem Indicates a list of the local keystores.
User response None.
CWPKI0308I: Adding signer alias "{0}" to local keystore "{1}" with the following SHA digest: {2}
Problem Indicates the signer being added to the local keystore.
User response None.
CWPKI0309I: All signers from remote keystore already exist in local keystore.
Problem Indicates no signers needed to be added to the local keystore.
User response None.
CWPKI0310E: The <localKeyStoreName> specified as "{0}" was not found on the client.
Problem The local truststore is not found.
User response Try issuing -listLocalKeyStoreNames command to get the list of names.
CWPKI0311E: The certificate with subject DN {0} has a start date {1} which is valid after the current date/time. This will can happen if the client''s clock is set earlier than the server''s clock. Please verify the clocks are in sync between this client and server and retry the request.
Problem The start date of the certificate is not valid.
User response Ensure that the client's clock matches up with the server's clock. Otherwise, create a certificate with the proper start date.
CWPKI0312E: The certificate with subject DN {0} has an end date {1} which is no longer valid.
Problem The certificate has expired.
User response Replace the certificate with a valid certificate.
CWPKI0313W: The following option is not valid: {0}
Problem Check the command line to ensure the options are correct.
User response Check the usage help and retry after correcting the option.
CWPKI0314E: The following error is returned from an exception: {0}
Problem Check the command line to ensure the options are correct.
User response Check the usage help and retry after correcting the option.
Reference topic    

Terms of Use | Feedback

Last updated: Jun 13, 2009 1:00:35 PM CDT
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.messages.doc/com.ibm.ws.ssl.resources.ssl.html

© Copyright IBM Corporation 2006, 2009. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)