Skip to main content

IV25336: PKNEWCERTFACTORY UNABLE CREATE EC KEY


Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • Error Message: Creating new chained cert with keySize=384
signatureAlgorithm=SHA384withECDSA
Self signed cert created create a cert signed with it.
Exception in thread "main"
com.ibm.security.certclient.base.PkRejectionException: 3008-733
The key size must be one of 512, 1024 or 2048. 384
.
Stack Trace: Exception in thread "main"
com.ibm.security.certclient.base.PkRejectionException: 3008-733
The key size must be one of 512, 1024 or 2048. 384
        at
com.ibm.security.certclient.util.PkNewCertFactory$PkNewCertImpl.
generateLocalKey(PkNewCertFactory.java:689)
        at
com.ibm.security.certclient.util.PkNewCertFactory$PkNewCertImpl.
<init>(PkNewCertFactory.java:583)
        at
com.ibm.security.certclient.util.PkNewCertFactory.newCert(PkNewC
ertFactory.java:369)
        at newChain.main(newChain.java:82)
.

Local fix

  •  
    • 
  
 
  
Problem summary
 
  
     
   
  • Creating elliptic curve key using key certificate management
utility PkNewCertFactory fails.

     
    • 
  
 
  
Problem conclusion
 
  
     
   
  • This defect will be fixed in:
6.0.0 SR12
6.0.1 SR3
7.0.0 SR2
.
Key certificate management utility has been updated to have
different key strength check for ec keys.  ibmkeycert.jar build
date 7/20/12.

     
    • 
  
 
  
Temporary fix
 
  
     
   
  •  
    • 
  
 
  
Comments
 
  
     
   
  •  
    • 
  
 
  
APAR Information
 
  
 
   
     
    
  • APAR number
    IV25336
    •  
    
  • Reported component name
    SECURITY
    •  
    
  • Reported component ID
    620700125
    •  
    
  • Reported release
    600
    •  
    
  • Status
    CLOSED PER
    •  
    
  • PE
    NoPE
    •  
    
  • HIPER
    NoHIPER
    •  
    
  • Special Attention
    NoSpecatt
    •  
    
  • Submitted date
    2012-07-30
    •  
    
  • Closed date
    2012-08-01
    •  
    
  • Last modified date
    2012-08-01
    •  
   
 
  
 
  
     
   
  • APAR is sysrouted FROM one or more of the following:
     
    •  
   
  • APAR is sysrouted TO one or more of the following:
     
    •  
  
 
  
Fix information
 
  
     
   
  • Fixed component name
    SECURITY
    •  
   
  • Fixed component ID
    620700125
    •  
  
 
  
Applicable component levels
 
  
     
   
  • R600 PSY
       UP
    •  
   
  • R260 PSY
       UP
    •  
  
 
 
 

 









Rate this page:



(0 users)Average rating 





















	
	
	
	
	









	



























Copyright and trademark information



	
IBM, the IBM logo and ibm.com are trademarks of International Business Machines Corp., registered in many jurisdictions worldwide.  Other product and service names might be trademarks of IBM or other companies.  A current list of IBM trademarks is available on the Web at "Copyright and trademark information" at www.ibm.com/legal/copytrade.shtml.































Rate this page:






(0 users)Average rating









Add comments














Document information





	
Runtimes for Java Technology


	
Security


	




	
Software version:

	6.0

	





	
Reference #:

IV25336






Modified date:

2012-08-01








Translate my page














































 



Content navigation