IBM Support

PK90245: THE ISSUERDN AND SUBJECTDN FIELDS IN THE SECJ6220I MESSAGE ARE INCORRECT AND SHOULD BE REVERSED

A fix is available

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Upon a Client Certificate authentication failure the SECJ6220I
    message provides more information regarding the involved
    certificate.
    
    The SubjectDN and IssuerDN fields are currently reversed, which
    can be confusing for problem diagnosis. Below is an example of
    the SECJ6220I message:
    
    SECJ6220I: Certificate authentication failed for certificate
    with SubjectDN="CN=AdminCN,OU=Certification
    Authorities,OU=Services ,O=admin,C=US" and
    IssuerDN="CN=T1234,OU=WEB-server,OU=Services,O=admin,C=US".  The
    native service results related to the authentication failure
    are: WebSphere service=BBOSSNAP, WebSphere returnCode=33, SAF
    service=IRRSIA00 INTA_CREATE, SAF returnCode=8, SAF product
    returnCode=8, SAF product reasonCode=40.
    
    In the above message, SubjectDN should be "CN=T1234 ... C=US"
    and IssuerDN should be "CN=AdminCA ... C=US"
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED: All users of WebSphere Application Server    *
    *                 V7.0                                         *
    *                                                              *
    ****************************************************************
    * PROBLEM DESCRIPTION: Upon a Client Certificate               *
    *                      authentication failure the SECJ6220I    *
    *                      message provides more information       *
    *                      regarding the involved                  *
    *                      certificate.                            *
    *                                                              *
    *                      The SubjectDN and IssuerDN fields are   *
    *                      currently reversed, which               *
    *                      can be confusing for problem diagnosis. *
    *                                                              *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    WebSphere Application Server incorrectly ordered the objects
    when formatting the message.
    

Problem conclusion

  • WebSphere Application Server has been modified to correctly
    order the objects when formatting the message.
    
    APAR PK90245 is currently targeted for inclusion in Service
    Level (Fix Pack) 7.0.0.5 of WebSphere Application Server V7.0.
    
    Please refer to URL:
    //www.ibm.com/support/docview.wss?rs=404&uid=swg27006970
    for Fix Pack availability.
    

Temporary fix

Comments

APAR Information

  • APAR number

    PK90245

  • Reported component name

    WEBSPHERE FOR Z

  • Reported component ID

    5655I3500

  • Reported release

    700

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2009-06-30

  • Closed date

    2009-07-08

  • Last modified date

    2009-08-03

  • APAR is sysrouted FROM one or more of the following:

    PK77015

  • APAR is sysrouted TO one or more of the following:

Modules/Macros

  • BBGUBINF BBOUBINF
    

Fix information

  • Fixed component name

    WEBSPHERE FOR Z

  • Fixed component ID

    5655I3500

Applicable component levels

  • R700 PSY UK48201

       UP09/07/27 P F907

Fix is available

  • Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS7K4U","label":"WebSphere Application Server for z\/OS"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"7.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
10 February 2022