Fix (APAR): PQ77264 Status: Fix Release: 5.0.2.2,5.0.2,5.0.1,5.0.0 Operating System: All Supersedes Fixes: CMVC Defect: PQ77261 Byte size of APAR: 35344 Date: 2004-01-15 Abstract: WSEC5156E: An exception while retrieving the key from KeyStore object: CertificateExpiredException Description/symptom of problem: Default certificates expire on 03/17/2005. The following message will be encountered: [9/29/50 12:59:45:172 CDT] 36640dee KeyStoreKeyLo E WSEC5156E: An exception while retrieving the key from KeyStore object: java.security.cert.CertificateExpiredException: NotAfter: Sat Oct 01 04:54:06 CDT 2011 at sun.security.x509.CertificateValidity.valid (CertificateValidity.java:284) at sun.security.x509.X509CertImpl.checkValidity (X509CertImpl.java:425) at sun.security.x509.X509CertImpl.checkValidity (X509CertImpl.java:398) at com.ibm.wsspi.wssecurity.config.KeyStoreKeyLocator. validateCert(KeyStoreKeyLocator.java:266) ... Directions to apply fix: NOTE: YOU MUST FIRST DOWNLOAD THE UPDATE INSTALLER TOOL IN ORDER TO INSTALL A FIX. The Fix Installer can be downloaded from the following link: http://www-3.ibm.com/software/webservers/appserv/support/index.html 1) Create temporary "fix" directory to store the jar file: UNIX: /tmp/WebSphere/fix Windows: c:\temp\WebSphere\fix 2) Copy jar file to the directory 3) Shutdown WebSphere 4) Follow the Fix installation instructions that are packaged with the Fix Installer on how to install the Fix. 5) Restart WebSphere 6) The temp directory may be removed. Directions to remove fix: NOTE: FIXES MUST BE REMOVED IN THE ORDER THEY WERE APPLIED. DO NOT REMOVE A FIX UNLESS ALL FIXES APPLIED AFTER IT HAVE FIRST BEEN REMOVED. YOU MAY REAPPLY ANY REMOVED FIX. Example: If your system has fix1, fix2, and fix3 applied in that order and fix2 is to be removed, fix3 must be removed first, fix2 removed, and fix3 re-applied. 1) Shutdown WebSphere 2) Follow the instructions that are packaged with the Fix Installer on how to uninstall the Fix. 3) Restart WebSphere Directions to re-apply fix: 1) Shutdown WebSphere 2) Follow the Fix instructions that are packaged with the Fix Installer on how to uninstall and reinstall the Fix. 3) Restart WebSphere Additional Information: If a remote Web server is in use, perform the following steps to complete the installation of this fix: 1) Backup your existing plugin-key.kdb file on your remote Web server machine. 2) Copy the file etc\plugin-key.kdb to your remote Web server machine. Warning: If your existing plugin-key.kdb file on your remote Web server has been customized with internal signer or personal certificates, these certificates will need to be imported or added back into the new plugin-key.kdb file before using. If interoperation using default certificates is required between 4.0 and 5.0 and either PQ77261 or 4.0.7 has been apoplied to the 4.0 server, these certificates need tp be applied to the 5.0 server. PQ77264-client is for Java clients making EJB calls to a server with PQ77264 installed.