"java.net.SocketException: Socket closed" error after replacing the DummyKeyring with self-signed certificates
 Technote (FAQ)
 
Problem
After attempting to replace the WebSphere® Application Server V4.0 default DummyKeyrings with self-signed keyring.jks files, the following error is received:

logged java.net.SocketException: Socket closed

The full text of the error log is attached at the bottom of this technote.
 
Solution
Recreate the keyfiles as follows:
  1. Use Ikeyman to create NewServerStorefile.jks with password.

  2. Create self-signed certificate (Personal Certificates).

  3. Extract certificate to cert.arm.

  4. Add cert.arm from Signer Certificates.

  5. Close NewServerStorefile.jks (saves automatically).

  6. Create a NewServerTrustfile.jks (use the same password you used with NewServerStorefile.jks).

  7. Add cert.arm from Signer Certificates.

  8. Close the file.

  9. Repeat steps 6 and 7 for NewClientStorefile.jks and NewClientTrustfile.jks.

  10. Enable security from the Security Center.

  11. Click Default SSL Configuration, then update the key file and trust files with the NewServerTrustfile.jks and NewServerTrustfile.jks complete with new passwords (all passwords should be the same).

  12. Do not enable client authentication.

  13. Stop WebSphere Application Server to propagate the changes.

  14. Edit the sas.client.props file to point to the NewClientStorefile.jks and to the NewClientTrustfile.jks complete with the new passwords.
    Ensure that the securityEnabled parameter is set to true.

  15. Start WebSphere Application Server; the sas.server.props is updated automatically.

Click this link to get more detailed information about using the ikeyman tool.

 
error.txt
 
 


Document Information


Product categories: Software > Application Servers > Distributed Application & Web Servers > WebSphere Application Server > Security
Operating system(s): HP-UX
Software version: 4.0
Software edition:
Reference #: 1051863
IBM Group: Software Group
Modified date: May 12, 2004