JAVA.SECURITY file for HP-UX AND SUN contains the wrong SECURITY.PROVIDER list
 Technote (troubleshooting)
 
Problem(Abstract)
The problem was found by a customer using Web Services with security enabled on a HP platform. The error seen running the Web Services application was:
-
WSEC5184E: The key with "ggggg" alias can´t be loaded from the
Key store "/sss/WebSphere/AppServer/etc/ws-security/xxx/
dsig-receiver.ks" (The password could be wrong):
java.security.UnrecoverableKeyException: Cannot recover key
 
Cause
The java.security file that ships with the HPUX® and Sun Solaris version of IBM® WebSphere® Application Server V5.0 is incorrect. It contains the list of security providers in the wrong order.

The file contains the following list:
security.provider.1=com.ibm.security.jgss.IBMJGSSProvider
security.provider.2=sun.security.provider.Sun
security.provider.3=com.ibm.crypto.provider.IBMJCE
security.provider.4=com.ibm.jsse.IBMJSSEProvider
security.provider.5=com.ibm.security.cert.IBMCertPath
# security.provider.6=com.ibm.crypto.pkcs11.provider.IBMPKCS11

The correct list should be:
security.provider.1=com.ibm.security.jgss.IBMJGSSProvider
security.provider.2=com.ibm.crypto.provider.IBMJCE
security.provider.3=sun.security.provider.Sun
security.provider.4=com.ibm.jsse.IBMJSSEProvider
security.provider.5=com.ibm.security.cert.IBMCertPath
-
It is important to have com.ibm.crypto.provider.IBMJCE before sun.security.provider.Sun
 
Resolving the problem
Edit the java.security file to contain the correct security.provider list. It is located in
<WAS install directory>/java/jre/lib/security.

The problem is described in APAR PK11210 which has been closed as a Permanent Restriction in this release.

 
 
Cross Reference information
Segment Product Component Platform Version Edition
Application Servers Runtimes for Java Technology Java SDK
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Web Services Security
Operating system(s): Solaris
Software version: 5.1
Software edition:
Reference #: 1216458
IBM Group: Software Group
Modified date: Sep 7, 2005