APAR status
Closed as program error.
Error description
When using stopServer -trace option, the keystore password for
the SSL client key is visible in plain text format in
corresponding stopServer.log file, regardless of whether or not
valid userid and password credentials are supplied or not when
security is Enabled.
Local fix
N/A
Problem summary
****************************************************************
* USERS AFFECTED: WebSphere Application Server users trying *
* to stop the app server with -trace option. *
****************************************************************
* PROBLEM DESCRIPTION: trustStorePassword and *
* keyStorePassword are displayed as *
* plain text in the log file. *
****************************************************************
* RECOMMENDATION: *
****************************************************************
trustStorePassword and keyStorePassword are displayed as plain
text in the log file.
Problem conclusion
Changed code in AdminClientFactory.java to encrypt
trustStorePassword and keyStorePassword.
Temporary fix
The interim fixhas been sent to customer
Comments
APAR information |
APAR number |
PQ87741 |
Reported component name |
WAS BASE 5.0 |
Reported component ID |
5630A3600 |
Reported release |
00S |
Status |
CLOSED PER |
PE |
NoPE |
HIPER |
NoHIPER |
Special Attention |
NoSpecatt |
Submitted date |
2004-04-20 |
Closed date |
2004-06-07 |
Last modified date |
2004-06-07 |
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Modules/Macros
Publications Referenced
Applicable component levels |
R003 PSY |
UP |
R00A PSY |
UP |
R00H PSY |
UP |
R00I PSY |
UP |
R00P PSY |
UP |
R00S PSY |
UP |
R00W PSY |
UP |
R103 PSY |
UP |
R10A PSY |
UP |
R10H PSY |
UP |
R10I PSY |
UP |
R10P PSY |
UP |
R10S PSY |
UP |
R10W PSY |
UP |
|