JDK SR8 update for WebSphere ships wrong cacerts file.
 Technote (troubleshooting)
 
This document applies only to the following language version(s):
English
 
Problem(Abstract)
WebSphere JDK SR8 ships with wrong cacerts file, where some certificates are missing and expired. The problem will not arise until you try to use the cacerts in your application, for example, using verisign class v3.
 
Cause
WebSphere JDK update SR8 ships with wrong cacerts, where errors will only appear if you're trying to use some missing/expired certificates.
 
Resolving the problem
The customer is responsible for the cacerts content, but SR8 was not packaged correctly.

One can use a cacert from another working JDK, like SR7 for example.

Or, one can edit the cacerts using ikeyman tool to add, or renew certificates.

 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): Windows
Software version: 5.0.2.13
Software edition:
Reference #: 1221278
IBM Group: Software Group
Modified date: Oct 31, 2005