WebSphere® Application Server_Security_JSSE_cumulative_Fix
 Downloadable files
 
Abstract
Fixes multiple JSSE problems in WebSphere Application Server version 4.0.1, 4.0.2, 4.03, 4.0.4, 4.0.5, 4.0.6, 4.0.7
 
Download Description
List of problems identified by customers through PMRs and documented through APARs. Problems not reported by customers are included in this component cumulative fix, but not listed:

Contains IBM JSSE 1.0.3, build 20030707.


PQ72138 - WebSphere Application Server 4.0.5 and V5, KeyManagerFactory can't get the KeyManager:

In WebSphere Application Server 4 with fix pack 3, the KeyManagerFactory can get KeyManagers successfully. But in WebSphere Application Server 4 with fix pack 5 and WebSphere Application Server V5, the KeyManagerFactory can't get KeyManagers:
java.lang.ClassCastException: java.lang.Object
at com.ibm.net.ssl.b.engineGetKeyManagers(Unknow Source)
at com.ibm.net.ssl.KeyManagerFactory.getKeyManagers(UnknownSource)
at Test.main(Test.java:21)


PQ70127 - Problem with JSSE: WebSphere Application Server/LDAP system hangs during user authentication using SSL

When customer has enabled WebSphere Application Server security with LDAP server via SSL, entering a valid username and an invalid password causes login to hang. Problem occurs only when using SSL. JSSE to be fixed for resolving issue.


PQ75151 - SSLHandshakeException unknown certificate issue after JSSE cumulative fix dated 3/17/2003 is applied

After applying the WebSphere Security JSSE R2 component cumulative fix for V4.0.1 through V4.0.5, which uses ibmjsse.jar file dated 3/17/2003, the customer now gets the following errors in his application server stdout file when trying to display a document:
Error opening Input Stream:
javax.net.ssl.SSLHandshakeException: unknown certificate
java.lang.NullPointerException

The customer can bypass the error by disabling security. When the customer tested with ibmjsse.jar file dated 5/16/2003 and the newer version dated 6/6/2003, the problem went away. Therefore, this APAR is to record the customer symptoms and request a WebSphere packaged fixed. Customer is running Sun Solaris V5.8 with WebSphere V4.0.4.


PQ82944 - SSLHandshakeException, SSL connection, X509V3 certificate extensions, JSSE

The customer received this error when trying to establish an SSL connection, using JSSE, to a server that utilizes a certificate with X509v3 certificate extensions. The program running on the WebSphere Application server is the "client". The customer receives the following error:
Error: javax.net.ssl.SSLHandshakeException: unknown certificate
javax.net.ssl.SSLHandshakeException:unknown cerificate
at com.ibm.jsse.JSSESocket.install(Unknown Source)
at com.ibm.jsse.JSSESocket.startHandshake (Unknown Source)
at com.ibm.net.ssl.internal.www.protocol.https.n.e(UnknownSource)

This problem was fixed with the JSSE build dated 12/13/03.


SUPERCEDES FIXES: Any JSSE componet cumulative fix dated previous to 13 Jan 2003.
 
Prerequisites
WebSphere Application Server version 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.5, 4.0.6, 4.0.7.
 
 
Installation instructions
Please see the installation instructions in the readme.txt file.
 
URL LANGUAGE SIZE(Bytes)
Readme US English 6555
 
Download package
What is DD?
DOWNLOAD RELEASE DATE LANGUAGE SIZE(Bytes) Download Options
Cumulative JSSE Interim fix 12/13/2003 US English 3072254 FTP DD
 
Technical support
1-800-IBM-SERV (US calls only)
 
Problems (APARs) fixed
PQ72138, PQ70127, PQ75151, PQ82944
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): HP-UX
Software version: 4.0.7
Software edition:
Reference #: 4004455
IBM Group: Software Group
Modified date: Feb 3, 2004