IBM Support

PM51902: EXTRANEOUS PROPERTY WRITTEN TO THE SECURITY.XML WHEN UPDATING SSL JSSE ENTRY

Fixes are available

8.0.0.3: WebSphere Application Server V8.0 Fix Pack 3
7.0.0.23: WebSphere Application Server V7.0 Fix Pack 23
8.0.0.4: WebSphere Application Server V8.0 Fix Pack 4
7.0.0.25: WebSphere Application Server V7.0 Fix Pack 25
8.0.0.5: WebSphere Application Server V8.0 Fix Pack 5
7.0.0.27: WebSphere Application Server V7.0 Fix Pack 27
8.0.0.6: WebSphere Application Server V8.0 Fix Pack 6
7.0.0.29: WebSphere Application Server V7.0 Fix Pack 29
8.0.0.7: WebSphere Application Server V8.0 Fix Pack 7
6.1.0.47: WebSphere Application Server V6.1 Fix Pack 47
8.0.0.8: WebSphere Application Server V8.0 Fix Pack 8
7.0.0.31: WebSphere Application Server V7.0 Fix Pack 31
7.0.0.27: Java SDK 1.6 SR13 FP2 Cumulative Fix for WebSphere Application Server
7.0.0.33: WebSphere Application Server V7.0 Fix Pack 33
8.0.0.9: WebSphere Application Server V8.0 Fix Pack 9
7.0.0.35: WebSphere Application Server V7.0 Fix Pack 35
8.0.0.10: WebSphere Application Server V8.0 Fix Pack 10
7.0.0.37: WebSphere Application Server V7.0 Fix Pack 37
8.0.0.11: WebSphere Application Server V8.0 Fix Pack 11
7.0.0.39: WebSphere Application Server V7.0 Fix Pack 39
8.0.0.12: WebSphere Application Server V8.0 Fix Pack 12
7.0.0.41: WebSphere Application Server V7.0 Fix Pack 41
8.0.0.13: WebSphere Application Server V8.0 Fix Pack 13
7.0.0.43: WebSphere Application Server V7.0 Fix Pack 43
8.0.0.14: WebSphere Application Server V8.0 Fix Pack 14
7.0.0.45: WebSphere Application Server V7.0 Fix Pack 45
8.0.0.15: WebSphere Application Server V8.0 Fix Pack 15
6.1.0.43: Java SDK 1.5 SR13 Cumulative Fix for WebSphere Application Server
6.1.0.45: Java SDK 1.5 SR14 Cumulative Fix for WebSphere Application Server
6.1.0.47: Java SDK 1.5 SR16 Cumulative Fix for WebSphere Application Server
7.0.0.23: Java SDK 1.6 SR10 FP1 Cumulative Fix for WebSphere
7.0.0.25: Java SDK 1.6 SR11 Cumulative Fix for WebSphere Application Server
7.0.0.27: Java SDK 1.6 SR12 Cumulative Fix for WebSphere Application Server
7.0.0.29: Java SDK 1.6 SR13 FP2 Cumulative Fix for WebSphere Application Server
7.0.0.45: Java SDK 1.6 SR16 FP60 Cumulative Fix for WebSphere Application Server
7.0.0.31: Java SDK 1.6 SR15 Cumulative Fix for WebSphere Application Server
7.0.0.35: Java SDK 1.6 SR16 FP1 Cumulative Fix for WebSphere Application Server
7.0.0.37: Java SDK 1.6 SR16 FP3 Cumulative Fix for WebSphere Application Server
7.0.0.39: Java SDK 1.6 SR16 FP7 Cumulative Fix for WebSphere Application Server
7.0.0.41: Java SDK 1.6 SR16 FP20 Cumulative Fix for WebSphere Application Server
7.0.0.43: Java SDK 1.6 SR16 FP41 Cumulative Fix for WebSphere Application Server
Obtain the fix for this APAR.

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Extranenous property being written to the security.xml file when
    JSSE entry is changed.
    
       <properties xmi:id="Property_1320082454404" name="600"
       value=""/>
    
    To recreate:
    
    Admin Console -> SSl Certificate and Key Management -> SSL
    Configuration and updates one of the JSSE entry
    
    When the apply button is hit (with no changes made) the extra
    property is written to the security.xml file.
    
    Security.xml before:
    
    Security-pre.xml
    
    
      <repertoire xmi:id="SSLConfig_1"
    alias="CellDefaultSSLSettings"
        managementScope="ManagementScope_1">
        <setting xmi:id="SecureSocketLayer_1"
    clientAuthentication="false"
        securityLevel="HIGH" enabledCiphers=""
    jsseProvider="IBMJSSE2"
        sslProtocol="SSL_TLS" keyStore="KeyStore_1"
    trustStore="KeyStore_2"
        trustManager="TrustManager_1" keyManager="KeyManager_1"/>
      </repertoire>
    
    
    
    Secutiry.xml after:
    
      <repertoire xmi:id="SSLConfig_1"
    alias="CellDefaultSSLSettings"
        managementScope="ManagementScope_1">
        <setting xmi:id="SecureSocketLayer_1"
    clientAuthentication="false"
        securityLevel="HIGH" enabledCiphers=""
    jsseProvider="IBMJSSE2"
        sslProtocol="SSL_TLS" keyStore="KeyStore_1"
    trustStore="KeyStore_2
        trustManager="TrustManager_1" keyManager="KeyManager_1">
       <properties xmi:id="Property_1320082454404" name="600"
    value=""/>
       </setting>
      </repertoire>
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server V6.1.0 and V8.0 using the            *
    *                  administrative console to modify a          *
    *                  SSLConfig                                   *
    ****************************************************************
    * PROBLEM DESCRIPTION: An extraneous property is written to    *
    *                      the config file when updating an        *
    *                      SSLConfig object.                       *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    There is code that sets the timeout value incorrectly as an
    extraneous property .
    

Problem conclusion

  • Removed code that was incorrectly writing the extraneous
    property.
    
    APAR PM51902 is currently targeted for inclusion in Service
    Level (Fix Pack) 6.1.0.43 of WebSphere Application Server V6.1
    and Fix Pack 8.0.0.3 of WebSphere Application Server V8.0.
    
    The fix will also be delivered as sysrouted APAR PM53438 in
    WebSphere Application Server V7.0 Fix Pack 7.0.0.23.
    
    Please refer to URL:
    //www.ibm.com/support/docview.wss?rs=404&uid=swg27006970
    for Fix Pack availability.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PM51902

  • Reported component name

    WEBSPHERE FOR Z

  • Reported component ID

    5655I3500

  • Reported release

    610

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2011-11-09

  • Closed date

    2011-12-02

  • Last modified date

    2012-04-03

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    PM53438

Fix information

  • Fixed component name

    WEBSPHERE FOR Z

  • Fixed component ID

    5655I3500

Applicable component levels

  • R610 PSY UK76696

       UP12/03/18 P F203

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.



Document information

More support for: WebSphere Application Server for z/OS
General

Software version: 6.1

Reference #: PM51902

Modified date: 03 April 2012