PK45448: CWPKI0032E: ERROR CREATING A SELF-SIGNED CERTIFICATE AFTER STARTUP OF MIGRATED DEPLOYMENTMANAGER | |||||||||||||||||||||||||||||||||||||||
![]() |
|||||||||||||||||||||||||||||||||||||||
![]() APAR status Closed as program error. Error description After starting a migrated WebSphere V6.1 DeploymentManager, the following error surfaces in the control region. CWPKI0032E: Error creating a self-signed certificate. The exception that occurred is: safkeyring:/WASKeyring (EDC5129I No such file or directory. (errno2=0x05620062)), and the dmgr fails to start (ABEND=SDC3 U0000 REASON=000C0008) The DeploymentManager is attempting to access a safkeyring keystore or truststore as an hfs based file. The security.xml will a cell level keystore indicating that the location="safkeyring:///WASKeyring" fileBased="true" <keyStores xmi:id="KeyStore_1" name="CellDefaultKeyStore" password="{xor}Lz4sLCgwLTs=" provider="IBMJCE" location="safkeyring:///WASKeyring" type="JKS" fileBased="true" hostList="" managementScope="ManagementScope_1"/> <keyStores xmi:id="KeyStore_2" name="CellDefaultTrustStore" password="{xor}Lz4sLCgwLTs=" provider="IBMJCE" location="safkeyring:///WASKeyring" type="JKS" fileBased="true" hostList="" managementScope="ManagementScope_1"/>Local fix Problem summary **************************************************************** * USERS AFFECTED: All users of WebSphere Application Server * * V6.1 for z/OS * **************************************************************** * PROBLEM DESCRIPTION: Customers will find that their servers * * will not start after migration due to * * missing keyfiles. Message issued is: * * * * CWPKI0032E: Error creating a * * self-signed certificate is issued. * * * * The exception that occurred is: * * safkeyring:/WASKeyring (EDC5129I No * * such file or directory. * * (errno2=0x05620062)). * **************************************************************** * RECOMMENDATION: * **************************************************************** The server runtime has been updated to require that SAFKeyRing / RACF keys be listed as non-file based. The file based setting was ignored on prior releases, therefore migration did not change this value from it's default value of 'true' during the migration from the prior release.Problem conclusion Migration has been updated to correctly detect safkeyring / RACF key stores and set the valid in the configuration's security.xml to state that the keys are not file based. APAR PK45448 is currently targeted for inclusion in Service Level (Fix Pack) 6.1.0.11 of WebSphere Application Server V6.1 for z/OS.Temporary fix Comments
APAR is sysrouted FROM one or more of the following: APAR is sysrouted TO one or more of the following: Modules/Macros Publications Referenced
|
Document Information |
Current web document: swg1PK45448.html
Product categories: Software > Application Servers >
Distributed Application & Web Servers > WebSphere Application
Server for z/OS
Operating system(s):
Software version: 610
Software edition:
Reference #: PK45448
IBM Group: Software Group
Modified date: Oct 2, 2007
(C) Copyright IBM Corporation 2000, 2009. All Rights Reserved.