Fixes are available
Rational Developer for z Systems Fix Pack 7 (9.5.1.7) for 9.5.1.
Rational Developer for z Systems Fix Pack 8 (9.5.1.8) for 9.5.1.
Rational Developer for z Systems Fix Pack 9 (9.5.1.9) for 9.5.1.
Rational Developer for z Systems Fix Pack 10 (9.5.1.10) for 9.5.1.
Rational Developer for z Systems Fix Pack 11 (9.5.1.11) for 9.5.1.
Rational Developer for z Systems Fix Pack 12 (9.5.1.12) for 9.5.1.
APAR status
Closed as program error.
Error description
In Rational Developer for z (RDz) v9.5.1.1, a user plug-in connecting to a HTTPS host fails with the certificate chaining error as can be seen in the console log: java.security.cert.CertPathValidatorException: Certificate chaining error at com.ibm.jsse2.j.a(Unknown Source) at com.ibm.jsse2.as.a(Unknown Source) at com.ibm.jsse2.C.a(Unknown Source) at com.ibm.jsse2.C.a(Unknown Source) at com.ibm.jsse2.D.a(Unknown Source) at com.ibm.jsse2.D.a(Unknown Source) at com.ibm.jsse2.C.r(Unknown Source) at com.ibm.jsse2.C.a(Unknown Source) at com.ibm.jsse2.as.a(Unknown Source) at com.ibm.jsse2.as.i(Unknown Source) at com.ibm.jsse2.as.a(Unknown Source) at com.ibm.jsse2.as.startHandshake(Unknown Source) at com.ibm.net.ssl.www2.protocol.https.c.afterConnect(Unknown Source) However, the same user plug-in and certificate in base eclipse can connect to the HTTPS host. The same issue exists in all RDz 9.5 service packs including 9.5.1.5 and IDz 14.0.0.5.
Local fix
In the user plug-in, modify the certificate location as shown in the following example: ... private static final String CACERTS_PASSWORD = "changeit"; String cacertsFileName = System.getProperty("java.home") + "/lib/security/cacerts"; ... System.setProperty("javax.net.ssl.trustStore",cacertsFileName); System.setProperty("javax.net.ssl.trustStorePassword",CACERTS_PA SSWORD);
Problem summary
When using customized certificates, this does not work with RDz with customer written plugins
Problem conclusion
Code has been changed to not force default trust store. The problem listed in this APAR has been resolved with IBM Rational Developer for z Systems V9.5.1.7 Fix Pack which is available from the Recommended Fixes support download page: http://www-1.ibm.com/support/docview.wss?rs=2294&uid=swg27006335
Temporary fix
Comments
APAR Information
APAR number
PI90034
Reported component name
DEV FOR Z SYS
Reported component ID
5724T0700
Reported release
951
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2017-11-09
Closed date
2018-01-29
Last modified date
2018-01-29
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
DEV FOR Z SYS
Fixed component ID
5724T0700
Applicable component levels
R951 PSY
UP
[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSTRMM","label":"IBM Developer for z\/OS"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"951","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]
Document Information
Modified date:
19 October 2021