IBM Support

Error reported about creating IMS CA Certificate Store.

Troubleshooting


Problem

When running the IMS 8.2.1 Configuration Tool for the first time in a WAS 8.5 environment, this ends with a message about a failure to create the IMS CA Certificate Store.

Symptom

In the Websphere SystemOut.log for the IMS Server the following exception is seen:
[13/01/14 23:36:08:042 GMT] 00000176 GuidGen E Could not get Secure Random Number Generator algorithm: IBMSecureRandom
java.security.NoSuchAlgorithmException: SecureRandom SHA2DRBG implementation not found:
at java.security.Provider$Service.newInstance(Provider.java:904)
at org.apache.harmony.security.fortress.Engine.getInstance(Engine.java:234)
at java.security.SecureRandom.getInstance(SecureRandom.java:230)
at java.security.SecureRandom.getInstance(SecureRandom.java:214)
at encentuate.ng.crypto.CryptoUtils.getSecureRandom(CryptoUtils.java:218)
at encentuate.util.GuidGen.getSecureRandom(GuidGen.java:115)
at encentuate.util.crypto.certs.CertUtils.generateCertificateSerialNumber(CertUtils.java:345)
at encentuate.ng.was.keystore.ImsCertificateCreator.create(ImsCertificateCreator.java:95)
at encentuate.ng.was.actions.SetupImsKeyStoreAction.run(SetupImsKeyStoreAction.java:153)
at encentuate.ng.was.actions.SetupImsKeyStoreAction.run(SetupImsKeyStoreAction.java:1)
at com.ibm.ws.security.auth.ContextManagerImpl.runAs(ContextManagerImpl.java:5459)
at com.ibm.ws.security.auth.ContextManagerImpl.runAsSystem(ContextManagerImpl.java:5585)
at encentuate.ng.util.SystemContext.runAsSystem(SystemContext.java:40)
at encentuate.ng.wizards.front.commands.SetupImsKeyStoreCommand.execute(SetupImsKeyStoreCommand.java:79)
at encentuate.ng.chains.ChainManager.execute(ChainManager.java:108)
at encentuate.ims.async.FrontAppExecutionAsyncTask.invoke(FrontAppExecutionAsyncTask.java:189)
at encentuate.util.async.impl.AsyncRequest.run(AsyncRequest.java:73)
at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
at java.lang.Thread.run(Thread.java:773)
Caused by: java.lang.IllegalAccessException: Class java/security/Provider$Service illegally accessing "package private" class com/ibm/crypto/fips/provider/SHA2DRBG
at java.lang.J9VMInternals.newInstanceImpl(Native Method)
at java.lang.Class.newInstance(Class.java:1564)
at java.security.Provider$Service.newInstance(Provider.java:890)
... 19 more

Cause

Missing Websphere Java SDK patch

Environment

WebSphere 8.5.0.2

Resolving The Problem

See the following reference in the Installation Guide related to :

8. Select the following fix and click Next:
  • For x86 Windows operating systems: 8.5.0.0-WS-WASJavaSDK-WinX32-IFPM91292 8.5.0.20130723_1400
  • For x64 Windows operating systems: 8.5.0.0-WS-WASJavaSDK-WinX64-IFPM91292 8.5.0.20130723_1359


http://publib.boulder.ibm.com/infocenter/tivihelp/v2r1/topic/com.ibm.itamesso.doc_8.2.1/Installation_Guide/tasks/t_installing_was85.html

Ensure you have installed the correct one of these updates for your WebSphere installation, eg 32 or 64 bit.

[{"Product":{"code":"SS9JLE","label":"IBM Security Access Manager for Enterprise Single Sign-On"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"IMS Server","Platform":[{"code":"PF033","label":"Windows"}],"Version":"8.2.1","Edition":"All Editions","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
03 September 2019

UID

swg21661927

Page Feedback