PK40949: NULLPOINTEREXCEPTION RUNNING SHELL SCRIPT (IE. STOPSEVERS.SH) AFTER BEING PROMPTED TO "ADD SIGNER TO THE TRUST STORE NOW?" | |||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description If a user logs into an OMVS shell or telnet and attempts to run a shell script in the WAS_HOME/AppServer/profiles/bin directory (ie. stopServer.sh) which attempts to make an SSL call, and the logged in userid does not have the keyring or certificate authority needed by the client in its truststore, a NullPointerException may occur when prompted to add the certificate to the truststore. Add signer to the trust store now? (y/n) y ------------- Here is the signer information (verify the digest value matches what is displayed at the server): Subject DN: CN=BOSSXXXX.PLEX1.L2.IBM.COM, OU=SY1, O=IBM Issuer DN: CN=WAS CertAuth for Security Domain, OU=SY1 Serial number: 2 Expires: Fri Dec 31 23:59:59 EST 2010 SHA-1 Digest: 3C:2A:F2:CF:AF:9F:08:E6:86:D2:D8:D8:45:EB:DE:9B:0F:C8:C2:E8 MD5 Digest: 21:FF:1B:01:E5:0C:3B:33:60:C0:5C:C6:73:0F:B6:D5 Subject DN: CN=WAS CertAuth for Security Domain, OU=SY1 Issuer DN: CN=WAS CertAuth for Security Domain, OU=SY1 Serial number: 0 Expires: Fri Dec 31 23:59:59 EST 2010 SHA-1 Digest: 3C:2A:F2:CF:AF:9F:08:E6:86:D2:D8:D8:45:EB:DE:9B:0F:C8:C2:E8 MD5 Digest: 21:FF:1B:01:E5:0C:3B:33:60:C0:5C:C6:73:0F:B6:D5 Add signer to the trust store now? (y/n) y ---------- The exception appears as: java.lang.NullPointerException com.ibm.ws.ssl.core.WSX509TrustManager.checkServerTrusted(WSX509 TrustMan at com.ibm.jsse2.hb.checkServerTrusted(hb.java:1) at com.ibm.jsse2.eb.a(eb.java:131) at com.ibm.jsse2.eb.a(eb.java:200) at com.ibm.jsse2.db.m(db.java:81) at com.ibm.jsse2.db.a(db.java:402) at com.ibm.jsse2.jc.a(jc.java:24) at com.ibm.jsse2.jc.g(jc.java:458) at com.ibm.jsse2.jc.a(jc.java:67) at com.ibm.jsse2.jc.startHandshake(jc.java:342) at org.apache.soap.util.net.SSLUtils.buildSSLSocket(Unknown at sun.reflect.NativeMethodAccessorImpl.invoke0(Native sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod at java.lang.reflect.Method.invoke(Method.java:615) org.apache.soap.util.net.HTTPUtils.buildSocket(Unknown at org.apache.soap.util.net.HTTPUtils.post(Unknown org.apache.soap.transport.http.SOAPHTTPConnection.send(Unknown at org.apache.soap.rpc.Call.invoke(Unknown Source) com.ibm.ws.management.connector.soap.SOAPConnectorClient$4.run(S com.ibm.ws.security.util.AccessController.doPrivileged(AccessCon com.ibm.ws.management.connector.soap.SOAPConnectorClient.reconne com.ibm.ws.management.connector.soap.SOAPConnectorClient.<init>( sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeCons sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Delega java.lang.reflect.Constructor.newInstance(Constructor.java:521) com.ibm.websphere.management.AdminClientFactory.createAdminClien com.ibm.ws.management.tools.LaunchUtils.getAdminClient(LaunchUti com.ibm.ws.management.tools.LaunchUtils.getAdminClient(LaunchUti com.ibm.ws.management.tools.WsServerStop.runTool(WsServerStop.ja com.ibm.ws.management.tools.AdminTool.executeUtility(AdminTool.j com.ibm.ws.management.tools.WsServerStop.main(WsServerStop.java: at sun.reflect.NativeMethodAccessorImpl.invoke0(Native sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod at java.lang.reflect.Method.invoke(Method.java:615) com.ibm.wsspi.bootstrap.WSLauncher.launchMain(WSLauncher.java:18 com.ibm.wsspi.bootstrap.WSLauncher.main(WSLauncher.java:90) com.ibm.wsspi.bootstrap.WSLauncher.run(WSLauncher.java:72) org.eclipse.core.internal.runtime.PlatformActivator$1.run(Platfo org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.run ion(EclipseAppLauncher.java:92) org.eclipse.core.runtime.internal.adaptor.EclipseAppLauncher.sta seAppLauncher.java:68) org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStart org.eclipse.core.runtime.adaptor.EclipseStarter.run(EclipseStart at sun.reflect.NativeMethodAccessorImpl.invoke0(Native sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessor sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethod at java.lang.reflect.Method.invoke(Method.java:615) org.eclipse.core.launcher.Main.invokeFramework(Main.java:336) org.eclipse.core.launcher.Main.basicRun(Main.java:280) at org.eclipse.core.launcher.Main.run(Main.java:977) com.ibm.wsspi.bootstrap.WSPreLauncher.launchEclipse(WSPreLaunche com.ibm.wsspi.bootstrap.WSPreLauncher.main(WSPreLauncher.java:89 )Local fix Confirm that the userid that you are logged in with (ie. wsadmin) has the correct certificate authority in its keyring prior to invoking the shell script.Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V6.1 for z/OS * **************************************************************** * PROBLEM DESCRIPTION: NullPointerException when running a * * shell script, like stopServer.sh, for * * a user that does not have a * * configured keyring. * **************************************************************** * RECOMMENDATION: * **************************************************************** For a user that does not have a keyring setup and that user attempts to execute an administrative script like stopServer.sh a NullPointerException is printed to the OMVS shell or the telnet console. The exception is shown as: java.lang.NullPointerException com.ibm.ws.ssl.core.WSX509TrustManager.checkServerTrusted at com.ibm.jsse2.hb.checkServerTrusted(hb.java:1) at com.ibm.jsse2.eb.a(eb.java:131) at com.ibm.jsse2.eb.a(eb.java:200) at com.ibm.jsse2.db.m(db.java:81) at com.ibm.jsse2.db.a(db.java:402) at com.ibm.jsse2.jc.a(jc.java:24) at com.ibm.jsse2.jc.g(jc.java:458) at com.ibm.jsse2.jc.a(jc.java:67) at com.ibm.jsse2.jc.startHandshake(jc.java:342) at org.apache.soap.util.net.SSLUtils.buildSSLSocket(Unknown...) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native...) . . .Problem conclusion The code was modified to not print the stack trace for the NullPointerException in the OMVS shell or telnet console. APAR PK40949 is currently targeted for inclusion in Service Level (Fix Pack) 6.1.0.9 of WebSphere Application Server V6.1 for z/OS.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros Publications Referenced
|
Document Information |
Current web document: swg1PK40949.html
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 610
Software edition:
Reference #: PK40949
IBM Group: Software Group
Modified date: Jul 4, 2007
(C) Copyright IBM Corporation 2000, 2009. All Rights Reserved.