When certificates expire in WebSphere Application Server
V4, the following message is logged in $WAS_ROOT/logs/tracefile (the
administration server stdout file):
8/7/04 12:42:29:305 CDT¨ 649778c2 ORBRas
X
com.ibm.CORBA.iiop.IIOPConnection send (IIOPOutputStream, OneWay)
P=540553:O=0:CT The following exception was logged
javax.net.ssl.SSLHandshakeException: certificate expired
at com.ibm.jsse.bd.a(Unknown Source)
at com.ibm.jsse.b.a(Unknown Source)
at com.ibm.jsse.b.write(Unknown Source)
10/10/04 16:58:12:757 CDT¨ 6434c6c1 AdminServer
X WSVR0009E: Error occurred during startup
java.lang.RuntimeException: com.ibm.ejs.EJSException: Could
not register with Location Service Daemon; nested exception is:
java.lang.ClassCastException
at com.ibm.ws.runtime.Server.initializeOrb(Server.java:1464)
at com.ibm.ws.runtime.Server.initializeRuntime0(Server.java:941)
at com.ibm.ejs.sm.server.ManagedServer.
initializeRuntime0(ManagedServer.java:408)
If you configured WebSphere Application Server to use security and have
not configured new SSL trust and key stores, you are affected by the
following problems:
- The default certificates for WebSphere Application Server
V4.0.1 through V4.0.6 expire on 15 Jan 2004.
Note: The default certificates for all releases of WebSphere
Application Server V5.0 are due to expire on 17 Mar 2005. This certificate
expiration can be extended to 2021 by installing PQ77264, delivered in
cumulative fix 5.0.2.3.
- These certificates are not supported for production
environments. Do not use these certificates if IIOP over SSL and HTTPS
communications must be secure.
- This problem affects anyone using security or using SSL in
the plugin, who has not applied new SSL trust and key stores.
To fix this problem, do one of the following:
- Apply the interim fix for APAR PQ77261.
This upgrades the certificates for WebSphere Application Server V4.0.1
through V4.0.6. These new certificates expire in 2021.
- Upgrade to WebSphere
Application Server fix pack 4.0.7. The default certificates provided
by the product expire in 2021. It is recommended that you test
applications with V4.0.7 before promoting this fix into a production
environment.
|