PK40949: NULLPOINTEREXCEPTION RUNNING SHELL SCRIPT (IE. STOPSEVERS.SH) AFTER BEING PROMPTED TO "ADD SIGNER TO THE TRUST STORE NOW?"

 Fixes are available

6.1.0.15 WebSphere Application Server V6.1 Fix Pack 15 for i5/OS
6.1.0.13 WebSphere Application Server V6.1 Fix Pack 13 for AIX
6.1.0.15 WebSphere Application Server V6.1 Fix Pack 15 for AIX
6.1.0.15: WebSphere Application Server V6.1 Fix Pack 15 for HP-UX
6.1.0.15: WebSphere Application Server V6.1 Fix Pack 15 for Windows
6.1.0.13: WebSphere Application Server V6.1 Fix Pack 13 for Windows
6.1.0.17 WebSphere Application Server V6.1 Fix Pack 17 for i5/OS
6.1.0.13: WebSphere Application Server V6.1 Fix Pack 13 for i5/OS
6.1.0.13: WebSphere Application Server V6.1 Fix Pack 13 for HP-UX
6.1.0.17: WebSphere Application Server V6.1 Fix Pack 17 for Linux
6.1.0.17: WebSphere Application Server V6.1 Fix Pack 17 for Solaris
6.1.0.17: WebSphere Application Server V6.1 Fix Pack 17 for HP-UX
6.1.0.17: WebSphere Application Server V6.1 Fix Pack 17 for Windows
6.1.0.17 WebSphere Application Server V6.1 Fix Pack 17 for AIX
6.1.0.13: WebSphere Application Server V6.1 Fix Pack 13 for Solaris
6.1.0.15: WebSphere Application Server V6.1 Fix Pack 15 for Linux
6.1.0.15: WebSphere Application Server V6.1 Fix Pack 15 for Solaris
6.1.0.9 WebSphere Application Server V6.1 Fix Pack 9 for AIX
6.1.0.9: WebSphere Application Server V6.1 Fix Pack 9 for i5/OS
6.1.0.9: WebSphere Application Server V6.1 Fix Pack 9 for HP-UX
6.1.0.9: WebSphere Application Server V6.1 Fix Pack 9 for Linux
6.1.0.9: WebSphere Application Server V6.1 Fix Pack 9 for Solaris
6.1.0.9: WebSphere Application Server V6.1 Fix Pack 9 for Windows
6.1.0.11: WebSphere Application Server V6.1 Fix Pack 11 for HP-UX
6.1.0.11: WebSphere Application Server V6.1 Fix Pack 11 for Windows
6.1.0.11: WebSphere Application Server V6.1 Fix Pack 11 for Solaris
6.1.0.11: WebSphere Application Server V6.1 Fix Pack 11 for Linux
6.1.0.11: WebSphere Application Server V6.1 Fix Pack 11 for i5/OS
6.1.0.11 WebSphere Application Server V6.1 Fix Pack 11 for AIX
6.1.0.13: WebSphere Application Server V6.1 Fix Pack 13 for Linux
6.1.0.19 WebSphere Application Server V6.1 Fix Pack 19 for AIX
6.1.0.19: WebSphere Application Server V6.1 Fix Pack 19 for HP-UX
6.1.0.19 WebSphere Application Server V6.1 Fix Pack 19 for i5/OS
6.1.0.19: WebSphere Application Server V6.1 Fix Pack 19 for Linux
6.1.0.19: WebSphere Application Server V6.1 Fix Pack 19 for Solaris
6.1.0.19: WebSphere Application Server V6.1 Fix Pack 19 for Windows
Java SDK 1.5 SR8 Cumulative Fix for WebSphere Application Server



APAR status
Closed as program error.

Error description
If a user logs into an OMVS shell or telnet and attempts to run
a shell
script in the WAS_HOME/AppServer/profiles/bin directory
(ie. stopServer.sh) which attempts to make an SSL call, and the
logged
in userid does not have the keyring or certificate authority
needed by
the client in its truststore, a NullPointerException may occur
when prompted to add the certificate to the truststore.

Add signer to the trust store now? (y/n) y

-------------
Here is the signer information (verify the digest value matches
what is
displayed at the server):

Subject DN:    CN=BOSSXXXX.PLEX1.L2.IBM.COM, OU=SY1, O=IBM
Issuer DN:     CN=WAS CertAuth for Security Domain, OU=SY1
Serial number: 2
Expires:       Fri Dec 31 23:59:59 EST 2010
SHA-1 Digest:
3C:2A:F2:CF:AF:9F:08:E6:86:D2:D8:D8:45:EB:DE:9B:0F:C8:C2:E8
MD5 Digest:    21:FF:1B:01:E5:0C:3B:33:60:C0:5C:C6:73:0F:B6:D5

Subject DN:    CN=WAS CertAuth for Security Domain, OU=SY1
Issuer DN:     CN=WAS CertAuth for Security Domain, OU=SY1
Serial number: 0
Expires:       Fri Dec 31 23:59:59 EST 2010
SHA-1 Digest:
3C:2A:F2:CF:AF:9F:08:E6:86:D2:D8:D8:45:EB:DE:9B:0F:C8:C2:E8
MD5 Digest:    21:FF:1B:01:E5:0C:3B:33:60:C0:5C:C6:73:0F:B6:D5

Add signer to the trust store now? (y/n) y
----------

The exception appears as:

java.lang.NullPointerException
com.ibm.ws.ssl.core.WSX509TrustManager.checkServerTrusted(WSX509
TrustMan
        at com.ibm.jsse2.hb.checkServerTrusted(hb.java:1)
        at com.ibm.jsse2.eb.a(eb.java:131)
        at com.ibm.jsse2.eb.a(eb.java:200)
        at com.ibm.jsse2.db.m(db.java:81)
        at com.ibm.jsse2.db.a(db.java:402)
        at com.ibm.jsse2.jc.a(jc.java:24)
        at com.ibm.jsse2.jc.g(jc.java:458)
        at com.ibm.jsse2.jc.a(jc.java:67)
        at com.ibm.jsse2.jc.startHandshake(jc.java:342)
        at
org.apache.soap.util.net.SSLUtils.buildSSLSocket(Unknown
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod
        at java.lang.reflect.Method.invoke(Method.java:615)
org.apache.soap.util.net.HTTPUtils.buildSocket(Unknown
        at org.apache.soap.util.net.HTTPUtils.post(Unknown
org.apache.soap.transport.http.SOAPHTTPConnection.send(Unknown
        at org.apache.soap.rpc.Call.invoke(Unknown Source)
com.ibm.ws.management.connector.soap.SOAPConnectorClient$4.run(S
com.ibm.ws.security.util.AccessController.doPrivileged(AccessCon
com.ibm.ws.management.connector.soap.SOAPConnectorClient.reconne
com.ibm.ws.management.connector.soap.SOAPConnectorClient.<init>(
sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeCons
sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Delega
java.lang.reflect.Constructor.newInstance(Constructor.java:521)
com.ibm.websphere.management.AdminClientFactory.createAdminClien
com.ibm.ws.management.tools.LaunchUtils.getAdminClient(LaunchUti
com.ibm.ws.management.tools.LaunchUtils.getAdminClient(LaunchUti
com.ibm.ws.management.tools.WsServerStop.runTool(WsServerStop.ja
com.ibm.ws.management.tools.AdminTool.executeUtility(AdminTool.j
com.ibm.ws.management.tools.WsServerStop.main(WsServerStop.java:
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod
        at java.lang.reflect.Method.invoke(Method.java:615)
com.ibm.wsspi.bootstrap.WSLauncher.launchMain(WSLauncher.java:18
com.ibm.wsspi.bootstrap.WSLauncher.main(WSLauncher.java:90)
com.ibm.wsspi.bootstrap.WSLauncher.run(WSLauncher.java:72)
org.eclipse.core.internal.runtime.PlatformActivator$1.run(Platfo
org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.run
ion(EclipseAppLauncher.java:92)
org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.sta
seAppLauncher.java:68)
org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStart
org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStart
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod
        at java.lang.reflect.Method.invoke(Method.java:615)
org.eclipse.core.launcher.Main.invokeFramework(Main.java:336)
org.eclipse.core.launcher.Main.basicRun(Main.java:280)
        at org.eclipse.core.launcher.Main.run(Main.java:977)
com.ibm.wsspi.bootstrap.WSPreLauncher.launchEclipse(WSPreLaunche
com.ibm.wsspi.bootstrap.WSPreLauncher.main(WSPreLauncher.java:89
)
Local fix
Confirm that the userid that you are logged in with
(ie. wsadmin) has the correct certificate authority in its
keyring prior to invoking the shell script.
Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 V6.1 for z/OS                                *
****************************************************************
* PROBLEM DESCRIPTION: NullPointerException when running a     *
*                      shell script, like stopServer.sh, for   *
*                      a user that does not have a             *
*                      configured keyring.                     *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
For a user that does not have a keyring setup and that user
attempts to execute an administrative script like
stopServer.sh a NullPointerException is printed to the OMVS
shell or the telnet console.

The exception is shown as:

java.lang.NullPointerException
com.ibm.ws.ssl.core.WSX509TrustManager.checkServerTrusted
at com.ibm.jsse2.hb.checkServerTrusted(hb.java:1)
at com.ibm.jsse2.eb.a(eb.java:131)
at com.ibm.jsse2.eb.a(eb.java:200)
at com.ibm.jsse2.db.m(db.java:81)
at com.ibm.jsse2.db.a(db.java:402)
at com.ibm.jsse2.jc.a(jc.java:24)
at com.ibm.jsse2.jc.g(jc.java:458)
at com.ibm.jsse2.jc.a(jc.java:67)
at com.ibm.jsse2.jc.startHandshake(jc.java:342)
at
org.apache.soap.util.net.SSLUtils.buildSSLSocket(Unknown...)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native...)
 .
 .
 .
Problem conclusion
The code was modified to not print the stack trace for the
NullPointerException in the OMVS shell or telnet console.

APAR PK40949 is currently targeted for inclusion in Service
Level (Fix Pack) 6.1.0.9 of WebSphere Application Server V6.1
for z/OS.
Temporary fix Comments
APAR information
APAR number PK40949
Reported component name WEBSPHERE FOR Z
Reported component ID 5655I3500
Reported release 610
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2007-03-12
Closed date 2007-05-03
Last modified date 2007-07-04

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros

Publications Referenced

Fix information
Fixed component name WEBSPHERE FOR Z
Fixed component ID 5655I3500

Applicable component levels
R500 PSN    UP
R601 PSN    UP
R610 PSY UK25977    UP07/06/26 P F706

  Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.


Document Information


Current web document: swg1PK40949.html
Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 610
Software edition:
Reference #: PK40949
IBM Group: Software Group
Modified date: Jul 4, 2007