IV25336: PKNEWCERTFACTORY UNABLE CREATE EC KEY

Subscribe

You can track all active APARs for this component.

APAR status

  • Closed as program error.

Error description

  • Error Message: Creating new chained cert with keySize=384
    signatureAlgorithm=SHA384withECDSA
    Self signed cert created create a cert signed with it.
    Exception in thread "main"
    com.ibm.security.certclient.base.PkRejectionException: 3008-733
    The key size must be one of 512, 1024 or 2048. 384
    .
    Stack Trace: Exception in thread "main"
    com.ibm.security.certclient.base.PkRejectionException: 3008-733
    The key size must be one of 512, 1024 or 2048. 384
            at
    com.ibm.security.certclient.util.PkNewCertFactory$PkNewCertImpl.
    generateLocalKey(PkNewCertFactory.java:689)
            at
    com.ibm.security.certclient.util.PkNewCertFactory$PkNewCertImpl.
    <init>(PkNewCertFactory.java:583)
            at
    com.ibm.security.certclient.util.PkNewCertFactory.newCert(PkNewC
    ertFactory.java:369)
            at newChain.main(newChain.java:82)
    .
    

Local fix

Problem summary

  • Creating elliptic curve key using key certificate management
    utility PkNewCertFactory fails.
    

Problem conclusion

  • This defect will be fixed in:
    6.0.0 SR12
    6.0.1 SR3
    7.0.0 SR2
    .
    Key certificate management utility has been updated to have
    different key strength check for ec keys.  ibmkeycert.jar build
    date 7/20/12.
    

Temporary fix

Comments

APAR Information

  • APAR number

    IV25336

  • Reported component name

    SECURITY

  • Reported component ID

    620700125

  • Reported release

    600

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2012-07-30

  • Closed date

    2012-08-01

  • Last modified date

    2012-08-01

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    SECURITY

  • Fixed component ID

    620700125

Applicable component levels

  • R600 PSY

       UP

  • R260 PSY

       UP



Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

Runtimes for Java Technology
Security

Software version:

6.0

Reference #:

IV25336

Modified date:

2012-08-01

Translate my page

Machine Translation

Content navigation