APAR status
Closed as program error.
Error description
Error Message: java.lang.RuntimeException: Could not create SHA2DRBG . Stack Trace: java.lang.RuntimeException: Could not create SHA2DRBG at com.ibm.jsse2.vb.f(vb.java:232) at com.ibm.jsse2.sc.engineInit(sc.java:58) at javax.net.ssl.SSLContext.init(SSLContext.java:19) at ServerJsse.initContext(ServerJsse.java:89) at ServerJsse.main(ServerJsse.java:113) Caused by: java.security.NoSuchAlgorithmException: SecureRandom SHA2DRBG implementation not found: at java.security.Provider$Service.newInstance(Provider.java:904) at org.apache.harmony.security.fortress.Engine.getInstance(Engine.j ava:157) at java.security.SecureRandom.getInstance(SecureRandom.java:183) at com.ibm.jsse2.vb.f(vb.java:30) ... 4 more Caused by: java.lang.IllegalAccessException at java.lang.J9VMInternals.newInstanceImpl(Native Method) at java.lang.Class.newInstance(Class.java:1474) at java.security.Provider$Service.newInstance(Provider.java:890) ... 7 more . The problem happens when com.ibm.jsse2.sp800-131=strict and IBMJCEFIPS is before IBMJCE
Local fix
Put IBMJCE before IBMJCEFIPS in the provider list in java.security
Problem summary
The problem happens because JSSE2 cannot use SHA2DRBG from IBMJCEFIPS provider.
Problem conclusion
This defect will be fixed in: 7.0.0 SR4FP1 6.0.1 SR5Fp1 6.0.0 SR13FP1 . A fix is made to IBMJSSE2 provider to use algorithm name HASHDRBG to avoid this problem. The associated Hursley CMVC defect is 196130 The associated Austin CMVC defect is 113512 JVMs affected: Java 7 SR3, Java 6 R26 SR4, Java 6 SR12 The fix was delivered for Java 7 SR4FP1, Java 6 R26 SR5FP1, Java 6 SR13FP1 The affected jar is "ibmjsseprovider2.jar". The build level of this jar for the affected releases is "20130208".
Temporary fix
Comments
APAR Information
APAR number
IV36883
Reported component name
SECURITY
Reported component ID
620700125
Reported release
260
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2013-02-18
Closed date
2013-03-18
Last modified date
2013-03-18
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
R260 PSY
UP
R600 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"260","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
07 December 2020