APAR status
Closed as program error.
Error description
Error Message: SSL handshake generates x'15' alert - Decryption Failed . Stack Trace: N/A .
Local fix
This can be fixed by cleaning the old CKO_PRIVATE_KEY objects off the token
Problem summary
The problem is that the PKCS#11 device had multiple private key objects associated with the same certificate i.e. multiple CKO_PRIVATE_KEY objects with the CKA_ID attribute that match the certificate.
Problem conclusion
The problem occurs when the user attempts to recreate the PKCS#11 certificate/private key with duplicate label. Though iKeyman rejects the request with "Duplicate entry already exists", private/public keypair objects are already generated on the token. This results in dangling private key objects with the duplicate CKA_ID/CKA_LABEL attributes. Ths fix is - iKeyman will run the duplicate label validation check before private/public key pair objects are generated. . This APAR will be fixed in the following Java Releases: 8 SR4 FP10 (8.0.4.10) 7 SR10 FP10 (7.0.10.10) 6 SR16 FP50 (6.0.16.50) 6 R1 SR8 FP50 (6.1.8.50) 7 R1 SR4 FP10 (7.1.4.10) . Contact your IBM Product's Service Team for these Service Refreshes and Fix Packs. For those running stand-alone, information about the available Service Refreshes and Fix Packs can be found at: https://www.ibm.com/developerworks/java/jdk/
Temporary fix
Comments
APAR Information
APAR number
IV96797
Reported component name
SECURITY
Reported component ID
620700125
Reported release
270
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-05-31
Closed date
2017-06-13
Last modified date
2017-06-13
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
SECURITY
Fixed component ID
620700125
Applicable component levels
R270 PSY
UP
R260 PSY
UP
R600 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Edition":"","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
Document Information
Modified date:
07 December 2020