|
Abstract |
Products that use the IBM® Global Security Kit (GSKit)
technology may be impacted with the expiration of certificates:
On 15 Jan 2004, dummy key files shipped with WebSphere Application Server
4.0.1 through 4.0.6 expired. WebSphere Application Server V5 is NOT
impacted.
On 7 Jan 2004, VeriSign™ Global Server ID Intermediate Root Certificate
Authority and Root Certificate Authority expired. |
|
Content |
Background:
All products that use the Secure Socket Layers (SSL) key files, ship with
signer certificates. These certificates are used to verify the
authenticity of purchased personal server certificates from certificate
providers.
All certificates have validity periods and expiration dates. There are
two types of certificates, signer certificates and personal server
certificates. Signer certificates can only be used to validate personal
server certificates during the validity period.
On 15 Jan 2004, sample personal server certificates, called dummy key
files, will expire for WebSphere Application Server versions 4.0.1 through
4.0.6. The intent of the dummy key files is for testing during development
in a WebSphere configuration where Security is enabled. These certificates
will expire at 6:25PM EST. If WebSphere security is enabled using these
certificates, WebSphere Application Server and plugin will NOT start. To
resolve this problem, apply PQ77261 or upgrade to WebSphere Application
Server fix pack 4.0.7.
On 7 Jan 2004, if a VeriSign certificate has been purchased, then new
signer certificates are needed to make sure they are installed and working
correctly. These certificates are used at runtime and are stored in the
same key files used by IBM HTTP Server, WebSphere® Application Server and
WebSphere Edge Caching Proxy for personal server certificates.
The following directions are for using tools, such as IKEYMAN or GSKit,
for replacing the expired signer certificates within existing key files
for each instance of IBM HTTP Server, WebSphere Application Server or
WebSphere Edge Caching Proxy.
15 Jan 2004 Expiration Issues:
7 Jan 2004 Expiration Issues:
|
|
|
|
Cross Reference information |
Segment |
Product |
Component |
Platform |
Version |
Edition |
Application Servers |
IBM HTTP Server |
SSL |
|
|
|
Application Servers |
WebSphere Edge Server |
Caching Proxy |
|
|
|
|
|
|
|