WebSphere Application
Server_Security_JSSE_cumulative_Fix for V 5.0
Downloadable files
Abstract
Fix for multiple JSSE problems in WebSphere Application
Server 5.0.0/5.0.1/5.0.2.
Download Description
Specific WebSphere APARs are listed below. This only reflects issues
reported by WebSphere customers, however, and is not a comprehensive list
of defects resolved.
This fix contains IBM JSSE 1.0.3 build 20031213.
PQ72445 WAS4.0.5 and WAS5, KeyManagerFactory can't get the KeyManager.
In WAS4 + ptf3, the KeyManagerFactory can get KeyManagers successfully.
But in WAS4 + ptf5 and WAS5, the KeyManagerFactory can't get KeyManagers.
java.lang.ClassCastException: java.lang.Object
at com.ibm.net.ssl.b.engineGetKeyManagers(Unknow Source)
at com.ibm.net.ssl.KeyManagerFactory.getKeyManagers(Unknow Source)
at Test.main(Test.java:21)
PQ72443 PROBLEM WITH JSSE: WAS/LDAP SYSTEM HANGS DURING USER
AUTHENTICATION USING SSL
When customer has enabled WAS security with LDAP server via SSL, entering
a valid username and an invalid password causes login to hang. Problem
occurs only when using SSL. JSSE to be fixed for resolving issue.
PQ77381 SSLHANDSHAKEEXCEPTION UNKNOWN CERTIFICATE ISSUED AFTER JSSE
CUMULATIVE FIX DATED 3/17/2003 IS APPLIED
After applying the WebSphere Security JSSE r2 Cumulative Interim Fix for
V4.0.1 - V4.0.5, which uses ibmjsse.jar file dated 3/17/2003, the customer
now gets the following errors in his application server stdout file when
trying to display a document:
Error opening Input Stream:
javax.net.ssl.SSLHandshakeException: unknown certificate
java.lang.NullPointerException
The customer can bypass the error if he disables security. When the
customer tested with ibmjsse.jar file dated 5/16/2003 and the newer
version dated 6/6/2003, the problem went away.
Therefore this APAR is to record the customer symptoms and request a
WebSphere packaged fixed. Customer is running Sun Solaris V5.8 with
WebSphere V4.0.4.
PQ82093 Client authentication fails when using JSSE shipped with
07-07-2003 Cumulative Security Fix
At WebSpehre 5.0.0, client authentication to a webserver fails using the
IBM JSSE shipped with
WAS_Security_07-07-2003_5.0.2-5.0.1-5.0.0_JSSE_cumulative_Fix.jar. If the
SUN JSSE is used instead, the client authenticaton works.
Prerequisites
WebSphere Application Server 5.0.0 or 5.0.1 or 5.0.2
Please download the UpdateInstaller below to install this fix.