PQ74707: UPDATE CUSTOMIZATION TO CREATE HFS KEYSTORES FOR RACF CERTS

 A fix is available

Obtain the fix for this APAR



APAR status
Closed as program error.

Error description
Network Deployment (ND) synchronization failure when security
is enabled.  The node agent keystores used in the configured
JSSE repertoire cannot do a handshake with the Deployment
Managers HTTP Key Store.  This apar will address this issue.
Local fix
Turn off security prior to synchronizing updates made on the
ND configuration.
Problem summary
****************************************************************
* USERS AFFECTED: All users of WebSphere Application Server    *
*                 V5.0 for z/OS                                *
****************************************************************
* PROBLEM DESCRIPTION: Network Deployment (ND) synchronization *
*                      failure can occur when security is      *
*                      enabled.                                *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
WebSphere V5.0 uses both System SSL and JSSE for
secure communications. The jks keystores in the hfs need to
contain the same certificates as are in RACF so that JSSE and
System SSL can communicate with each other.  The customer will
see a "Certificate not found" message in SYSPRINT if the
keystores and RACF Keyrings are not synchronized.
Problem conclusion
Support have been provided via 2 new shell scripts
(bbowr2fa.sh and bbowr2fd.sh) to copy certificates from RACF to
the WebSphere jks files. These scripts synchronize the keystores
and RACF Keyrings.

APAR PQ74707 is associated with SERVICE LEVEL W500101 of
WebSphere Application Server V5.0 for z/OS.
Temporary fix Comments
APAR information
APAR number PQ74707
Reported component name WEBSPHERE FOR Z
Reported component ID 5655I3500
Reported release 500
Status CLOSED PER
PE NoPE
HIPER NoHIPER
Special Attention NoSpecatt
Submitted date 2003-05-30
Closed date 2003-06-18
Last modified date 2003-07-03

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Modules/Macros
BBOUBINF          

Publications Referenced

Fix information
Fixed component name WEBSPHERE FOR Z
Fixed component ID 5655I3500

Applicable component levels
R500 PSY UQ77804    UP03/06/25 P F306

  Fix is available
Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.


Document Information


Current web document: swg1PQ74707.html
Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server for z/OS
Operating system(s):
Software version: 500
Software edition:
Reference #: PQ74707
IBM Group: Software Group
Modified date: Jul 3, 2003