Fix (APAR): WAS_Security_2004-02-19_4.0.7-4.0.6-4.0.5-4.0.4-4.0.3-4.0.2-4.0.1_JCE_cumulative_Fix Status: Fix Release: 4.0.7,4.0.6,4.0.5,4.0.4,4.0.3,4.0.2,4.0.1 Operating System: All Supersedes Fixes: WAS_Security_03-14-2003_4.0.6-4.0.5-4.0.4-4.0.3-4.0.2-4.0.1_JCE_r2_cumulative_Fix CMVC Defect: PQ91005 Byte size of APAR: 2536322 Date: 2004-07-06 Abstract: This fix contains IBM JCE 1.2.1 build 2004-02-19 Description/symptom of problem: This fix contains IBM JCE 1.2.1 build 2004-02-19. Specific WebSphere APARs are listed below. This only reflects issues reported by WebSphere customers, however, and is not a comprehensive list of defects resolved. PQ69688 THE KEYSTORE HAS A "BAD" SERIALIZED OBJECT Keystores created using Sun's JCE implementation cannot be used with IBM's implementation. The problem was caused by a version stamp in the serialized keys. PQ71581 Import of pkcs12 key into jks keystore fails. IKeyMan cannot import keys saved in PKCS12 format. The error message received is: "The Specified database has been corrupted" PQ72629 JCEKS formatted keystores created by non-IBM JDK JCE isn't readable by the IBM JDK JCE PQ91005 The signed jar verification with IBM JCE will fail after year 2006 This is due to existing jar files signed with certificates that will expire in 2006. Directions to apply fix: 1) Create temporary "fix" directory to store the jar file: Unix: /tmp/WebSphere/fix Windows: c:\temp\WebSphere\fix 2) Copy jar file to the directory 3) Shutdown WebSphere. It is important that you perform a controlled and complete shutdown of the server to ensure that all transactions have completed, before installing the fix. 4)Create a /Fix directory if one does not already exist 5) Run the jar file with the following command answering questions/prompts as they appear: java -jar -backupJar /Fix/_backup.jar 6) Restart WebSphere 7) The temp directory may be removed but the jar file should be saved. Do not remove any files created and stored in the /Fix directory. These files are required if a fix is to be removed. Directions to remove fix: NOTE: FIXES MUST BE REMOVED IN THE ORDER THEY WERE APPLIED. DO NOT REMOVE A FIX UNLESS ALL FIXES APPLIED AFTER IT HAVE FIRST BEEN REMOVED. YOU MAY REAPPLY ANY REMOVED FIX. Example: If your system has fix1, fix2, and fix3 applied in that order and fix2 is to be removed, fix3 must be removed first, fix2 removed, and fix3 re-applied. 1) Change directory to the fix location (/Fix). 2) Shutdown WebSphere 3) Run the backup jar file with the following command: java -jar 4) Restart WebSphere Directions to re-apply fix: Follow the instructions for applying a fix. If the backup files still exist (from the previous fix application), you will be prompted to overwrite. Answer "yes" at the overwrite prompts. Additional Information: