PQ85550: THIS APAR ADDRESSES DEFECTS IN WEBSPHERE APPLICATION SERVER V5.0 FOR Z/OS. | ||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description This APAR addresses defects in WebSphere Application Server V5.0 for z/OS.Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V5.0 for z/OS * **************************************************************** * PROBLEM DESCRIPTION: APAR PQ85550 addresses various defects * * in WebSphere Application Server V5.0 * * for z/OS: * * * * (MD18764) Using wsadmin to query mbean * * type=SessionManager returns no values. * * * * (MD18893) The Administrative Console * * and wsadmin allow users to create a * * server with "#" char in the name * * causing IO error(FileNotFoundException * * was thrown). * * * * (MD18893.1) Entering a "'" (single * * quote) in the server name would cause * * the dialog job BBOMCFG to fail with a * * 256 condition code. * * * * (MD19208) Expected (or non-fatal) * * marshalling problems difficult to * * distinguish from real marshalling * * problems. * * * * (MD19389) Duplicate xmi:id's in * * DB2 RRS Providers cause problems with * * administrative console scripting. * * * * (MD19398) The following message appears * * when you run the exec task. * * exec Creating * * WebSpherePumpStreamhandler: * * com.ibm.ws.ant.utils. * * WebSpherePumpStreamHandler@56de43e7 * * * * (MD19439) No ability to choose which * * SSL server certificate is used for HTTP * * SSL connections. The default * * certificate in the keyring is always * * used. * **************************************************************** * RECOMMENDATION: * **************************************************************** APAR PQ85550 addresses the following defects in WebSphere Application Server V5.0 for z/OS: (MD18764) Running the $AdminControl queryNames *:*,type=SessionManager from the wsadmin prompt does not return any values. (MD18893) The problem with creating a server with the # in the name is that the URI class will not be able to parse the file pathname correctly. In a URI, the # character is the separator between the file path and the fragment (identifier of a part within the file).To fix this problem, ConfigServiceHelper.checkIfValidName method should check for the # character while validating the server name. (MD18893.1) During the Base Application Server configuration of the dialog, if the user specifies a server name with a single quote in it, it would cause the dialog generated job BBOMCFG to fail with a codition code 256: BBOMCFG MCFG2 - STEP WAS EXECUTED - COND CODE 0256 As a result, the AppServer home directory will not be created. (MD19208) Marshalling exceptions are thrown in a variety of situations, not all of which are fatal. Additional diagnostics have been added to distinguish marshalling exceptions that are handled by the ORB. Relevant exceptions: CORBA::MARSHAL with minor code 4942F000 This diagnostic function was also added to WebSphere Application Server V4.0.1 for z/OS and OS/390 via PQ85401. (MD19389) Both the deprecated DB2 zOS Local JDBC Provider (RRS) and DB2 390 Local JDBC Provider (RRS) have the same JDBCProvider xmi:id in the jdbc.resource-provider-templates.xml. This duplication of provider xmi:id's causes problems when using administrative console scripting to reference provider information based on the provider xmi:id. No external error will occur, but the last JDBC provider with the designated xmi:id will be used. If the scripting being done is for updating a provider, this can result in the wrong provider being updated. (MD19398) This message is extraneous and will be removed. (MD19439) No ability to select a specific server certificate based on the the connection ip address or to use any server certificate other than the one specified as the default in the keyring for HTTP SSL connections/requests.Problem conclusion APAR PQ85550 fixes various defects in WebSphere Application Server V5.0 for z/OS. (MD18764) The query does not return any values because the MBean is not made z/OS ready. SessionManager.xml file has been modified to change the platform field from common to dynamicproxy to make this MBean z/OS ready. (MD18893) Adding "#" char in the ConfigServiceHelper.checkIfNameValid method will fix the problem. (MD18893.1) The customization dialog has been updated to not allow the following characters to be entered for long names of cell, node, and server: \/,#$@:;"*?<>|=+&%' (MD19208) With ORB tracing on (ORB=all=enabled), support has been added such that there will be a clear delineation of those marshalling exceptions that are handled by redriving the request with marshalling adjustments. (MD19389) The xmi:id="JDBCProvider_DB2_RRS" in the DB2 zOS Local JDBC Provider (RRS) will be changed to xmi:id="JDBCProvider_DB2_RRS_zOS" to correct the problem. (MD19398) The extraneous message which appears when you run ExecTask has been removed. (MD19439) A new environment variable, protocol_https_default_cert_label, has been added to allow the customer to specify the label of the server certificate that will be used when establishing HTTP SSL connections with the server. Additional support will also be added to allow customers to select one of several server certificates in the keyring based on the ip address of the connection. A new environment variable, protocol_https_cert_mapping_file has been added to specify a file that will contain entries that will map an ip address to a cetificate label. The syntax of the file is: SSLServerCert label ipaddress Where label is the certificate label in single or double quotes. If the label contains a single quote, then double quotes are required as the delimiter. Examples: SSLServerCert 'My Certificate Label' 9.57.4.29 SSLServerCert "My Co.'s Certificate" 9.57.4.30 The following documentation was revised as a result of defect MD19439 shipped in APAR PQ85550: ________________________________________________________________ WebSphere Application Server V5 for z/OS Messages and Codes GA22-7915-00 _______________________________________________________________ This APAR requires changes to documentation. NOTE: Periodically, we refresh the documentation on our Web site, so the changes might have been made before you read this text. To access the latest on-line documentation, go to the product library page at: www.ibm.com/software/webservers/appserv/zos_os390/library.html ________________________________________________________________ Chapter 2, pg. 40 (new message) BBOO0273E FAILED TO OPEN HTTP SSL CERTIFICATE LABEL MAPPING FILE %s. Explanation: WebSphere for z/OS was unable to open the file specified by the environment variable protocol_https_default_cert_label. Programmer response: Make sure the file is correctly specified and the permissions are correct. BBOO0274E HTTP SSL TRANSPORT CERTIFICATE LABEL MAPPING FILE %s HAD PARSE ERRORS. Explanation: WebSphere for z/OS detected parse errors in the file specified by the environment variable protocol_https_default_cert_label. Programmer response: Check the WebSphere for z/OS error log for details. BBOO0275E HTTP SSL TRANSPORT CERTIFICATE LABEL MAPPING FILE PARSE ERROR AT LINE=%d." Explanation: WebSphere for z/OS detected a syntax error with the SSLServerCert entry at the specified line of the file specified by the environment variable protocol_https_default_cert_label. Programmer response: Correct the syntax error and restart server. ________________________________________________________________ A change to the WebSphere Application Server InfoCenter will be made. To access the latest online documentation, go to the product library page at: www.ibm.com/software/webservers/appserv/zos_os390/library/ The change is to article "Cell-wide z/OS variables", which will be updated to include the following descriptions of the two new WebSpher variables protocol_https_cert_mapping_file and protocol_https_default_cert_label: protocol_https_cert_mapping_file Specifies the name of a file containing entries that map IP addresses to server certificate labels. When an SSL connection request is received, the application server checks the IP address against entries in the file specified on this variable. If a match is made the certificate mapped to the IP address is used for the connection. If no match is found, the application server checks for the existence of the protocol_https_default_cert_label variable. If a value has been specified for the protocol_https_default_cert_label variable, the certificate specified will be used to establish the connection. If no value has been specified on protocol_https_default_cert_label variable, the default server certificate specified in the RACF SSL Keyring owned by the application server will be used to establish the HTTP SSL connection. Data type String protocol_https_default_cert_label Specifies the label of the server certificate that should be used when establishing HTTP SSL connections with the application server. If no value is specified and the IP address of the server does not match an IP address contained in the certificate mapping file specified on the protocol_https_cert_mapping_file variable, the default server certificate specified in the RACF SSL Keyring owned by the application server will be used to establish the HTTP SSL connection. Data type String A new article, "Certificate mapping file entries," will be added to the Information Center that describes the syntax of this file. APAR PQ85550 is associated with SERVICE LEVEL W502004 of WebSphere Application Server V5.0 for z/OS.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: UQ86037 Modules/Macros
Publications Referenced
|
Document Information |
Current web document: swg1PQ85550.html
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PQ85550
IBM Group: Software Group
Modified date: Apr 3, 2004
(C) Copyright IBM Corporation 2000, 2009. All Rights Reserved.