IBM Support

PI37045: RENEWING A PERSONAL CERTIFICATE IN RSA TOKEN KEYSTORE DOES NOT UPDATE A CERTIFICATE ALIAS NAME IN SECURITY.XML.

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • When renewing a personal certificate in RSA token keystore with
    the new certificate alias name, the new alias name is not
    updated to security.xml. It causes the mismatch of certificate
    alias name in RSA token keystore and alias name in security.xml.
    Because of the mismatch, initializing RSA token keystore fails.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server using the administrative console to  *
    *                  manage personal certificates.               *
    ****************************************************************
    * PROBLEM DESCRIPTION: The console might not correctly         *
    *                      reflect the certificate alias in a      *
    *                      personal certificate that is in the     *
    *                      security.xml.                           *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    The console might not correctly reflect the certificate alias
    name from the security.xml and if the user clicks OK with
    modifying it, they could set an incorrect value that is being
    displayed in the console.
    

Problem conclusion

  • The console has been modified to display the value from the
    security.xml when displaying the personal certificate and
    certificate alias so that clicking OK will save the correct
    data.
    
    The fix for this APAR is currently targeted for inclusion in
    fix pack 7.0.0.39, 8.0.0.11, 8.5.5.7.  Please refer to the
    Recommended Updates page for delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

Comments

APAR Information

  • APAR number

    PI37045

  • Reported component name

    WEBS APP SERV N

  • Reported component ID

    5724H8800

  • Reported release

    700

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2015-03-16

  • Closed date

    2015-05-18

  • Last modified date

    2015-05-18

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WEBS APP SERV N

  • Fixed component ID

    5724H8800

Applicable component levels

  • R700 PSY

       UP

  • R800 PSY

       UP

  • R850 PSY

       UP



Document information

More support for: WebSphere Application Server
General

Software version: 7.0

Reference #: PI37045

Modified date: 18 May 2015