PQ77381: SSLHANDSHAKEEXCEPTION UNKNOWN CERTIFICATE ISSUED AFTER JSSE CUMULATIVE FIX DATED 3/17/2003 IS APPLIED

 A fix is available

WebSphere Application Server_Security_JSSE_cumulative_Fix for V 5.0



APAR status
Closed as program error.

Error description
After applying the WebSphere Security JSSE r2 Cumulative
Interim Fix for V4.0.1 - V4.0.5, which uses ibmjsse.jar file
dated 3/17/2003, the customer now gets the following errors
in his application server stdout file when trying to display
a document:
Error opening Input Stream:
javax.net.ssl.SSLHandshakeException: unknown certificate
java.lang.NullPointerException
The customer can bypass the error if he disables security.
When the customer tested with ibmjsse.jar file dated 5/16/2003
and the newer version dated 6/6/2003, the problem went away.
Therefore this APAR is to record the customer symptoms and
request a WebSphere packaged fixed. Customer is running Sun
Solaris V5.8 with WebSphere V4.0.4.
Local fix Problem summary
****************************************************************
* USERS AFFECTED: All WebSphere Application Server users who   *
*                 have enabled security, are using HTTPS       *
*                 between the Web server and application       *
*                 server or are programatically making SSL     *
*                 connections via JSSE.                        *
****************************************************************
* PROBLEM DESCRIPTION: An error is received when a user        *
*                      attempts attempts to display a document *
*                      when security is enabled.               *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
The following exception may be received in the application
server stdout file when attempting to display a document when
security is enabled:
javax.net.ssl.SSLHandshakeException : unknown certificate
Problem conclusion
The IBM JSSE build 20030707 was integrated into WebSphere.
Temporary fix
WAS_Security_06-06-2003_4.0.6-4.0.5-4.0.4-4.0.3-4.0.2-4.0.1_
JSSE_cumulative_Test.jar
Comments
APAR information
APAR number PQ77381
Reported component name WEBSPHERE AE SO
Reported component ID 5630A3600
Reported release 00A
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2003-08-12
Closed date 2003-08-12
Last modified date 2003-08-12

APAR is sysrouted FROM one or more of the following:
PQ75151

APAR is sysrouted TO one or more of the following:

Modules/Macros
Security          

Publications Referenced

Fix information
Fixed component name WEBSPHERE AE SO
Fixed component ID 5630A3600

Applicable component levels
R003 PSY    UP
R00A PSY    UP
R00H PSY    UP
R00S PSY    UP
R00W PSY    UP


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > General
Operating system(s):
Software version: 00A
Software edition:
Reference #: PQ77381
IBM Group: Software Group
Modified date: Aug 12, 2003