JAVA Exceptions during certificate build for WPG

Technote (troubleshooting)


Problem(Abstract)

java.security.cert.CertPathBuilderException: invalid certificate, key
identifier is missing from authority key identifier extension
and other java exception:
java.lang.NullPointerException
at com.ibm.security.cert.PKIXCertPathBuilderImpl.createCASelector(Unknown Source)
at com.ibm.security.cert.PKIXCertPathBuilderImpl.buildCertPath(Unknown Source)
at com.ibm.security.cert.PKIXCertPathBuilderImpl.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
at com.ibm.bcg.util.CertPathUtil.buildCertPath(CertPathUtil.java:438)

Cause

These java exceptions and path build failure are resulted from the customer 's Intermediate certificate i.e "iLienTestVersignSecureServer Certificate.cer" doesn't have "key identifier" in the"authority key identifier extension".

Resolving the problem

The APAR fix "PK33715: SUPPORT VERISIGN CERTIFICATES THAT HAVE NO AKI EXTENSION" will resolve the issue and which is part of IBM JDK SR7.

Users should upgrade the WPG level to Fix Pack 5 which will upgrade the JDK to 1.4.2 SR 5 and also the WAS level to 6.0.2.13. Then, later please ask the customer to upgrade the JDK to SR7

The below instruction to upgrade the JDK to SR7 after applying the WPG Fix Pack 5.

Note : Please follow the below instructions only after applying the WPG Fix Pack 5

Applying SR7 on top of JDK 1.4.2 SR5,

Steps to apply the fix
1) Stop all the components of WPG, namely console, receiver and router,
before applying this JDK level fix.

2) Ensure that there is enough disk-space to apply this fix (you would
need close to 300MB, while applying this fix)

3) Download the update installer from below link, if its not available.
Typically customers won't have this file, unless they have applied a JDK
level fix, previously
http://www-1.ibm.com/support/docview.wss?rs=180&uid=swg24008401

The exact updater would depend upon the the type of OS and the system
architecture.
For Linux 32 bit OS intel, the file is => updi.6000.linux.ia32.tar
Untar the "updi.6000.linux.ia32.tar" to the same Install root location
as your WAS directory which is being used by WPG hub. e.g. If WPG hub is
installed in "/opt/IBM/WPG/bcghub/" then untar the file
"updi.6000.linux.ia32.tar" in "/opt/IBM/bcghub/was".

4) After untarring you would get another folder under WAS, namely,
"updateInstaller"

5) Download the SR7 from the following location
http://www-01.ibm.com/support/docview.wss?rs=180&uid=swg24019127
The exact SR7 file would depend upon the the type of OS and the system
architecture.
For Linux 32 bit intel, the file is
=>6.0.0.X-WS-WASJavaSDK-LinuxX32-IFPK36145.pak

6) Move the downloaded iFIX "6.0.0.X-WS-WASJavaSDK-LinuxX32-IFPK36145.pak" for the above PMRs to the below stated folder '/opt/IBM/WPG/bcghub/was/updateInstaller/maintenance"

7) Run the Update Installer (update) present under this updateInstaller
folder to launch the GUI

8) Click Next to continue on the Welcome panel.

9) Make sure the directory name listed for the product installation is
correct and click Next

10) Select the 'Install maintenance package' radio button and click Next

11) Make sure the path listed points to the proper iFix package to be
applied to the product and click Next

12) Click Next to begin copying the JRE to the updateinstaller directory.

13) Click Relaunch to restart the Update Installer with the JRE copied
to the updateinstaller directory.

14) The path to the maintenance package is displayed. Note: The wizard
will remember all values from the previous launch. Click Next to continue

15) Click Next to begin applying the Refresh Pack

16) Click Finish to complete the installation.

17) In case of shortage of disk-space, delete the updateinstaller
directory (e.g. /opt/IBM/bcghub/was/updateinstaller). This will save
149M of disk space.

18) Now go to "/opt/IBM/bcghub/was/java/bin" and check the version of the JDK installed. You can do this by giving the command "./java -version" The version should be SR7,

Something like, java version "1.4.2"
Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2)
Classic VM (build 1.4.2, J2RE 1.4.2 IBM build cxia32142-20061124
(SR7) (JIT enabled: jitc))

19) Start the components of WPG

Cross reference information
Segment Product Component Platform Version Edition
Business Integration WebSphere Partner Gateway - Express 6.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.0.0.4, 6.0.0.5 All Editions

Rate this page:

(0 users)Average rating

Add comments

Document information


More support for:

WebSphere Partner Gateway Advanced Edition

Software version:

6.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.0.0.4, 6.0.0.5

Operating system(s):

AIX, Linux, Solaris, Windows

Software edition:

Advanced, All Editions, Enterprise

Reference #:

1259450

Modified date:

2012-05-11

Translate my page

Machine Translation

Content navigation