IBM Support

OA44174: CERTIFICATE BASED AUTHENTICATION FAILS WITH BOTH ORACLE AND IBM JRES.

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • When user tries to do a certificate based authentication
    (express and when using either Oracle's or IBM JRE the client
    certificate is not processed because the mscapi dll is throwing
    an error.
    
    Problem occurs with different levels of HOD at the 11.00 version
    and with both Oracle and IBM JREs using the IE keystore for
    certificates (PIV/CAC card).
    
    The error message reads:
    
    TokenCache.getTokenFromBrowser() could not load MSCAPI Token,
    SSLRuntimeException->com.ibm.hod5sslight.SSLRuntimeException:
    reason=1,
    message-> reason=1
    

Local fix

Problem summary

  • Users Affected: All Webstart clients with secure connection
    user using browser's keyring or Security Device
    This issue was happening because HOD downloaded the native dll
    (mscapi.dll) file to user temp directory and it fails to load
    from the temp location.
    

Problem conclusion

  • The code was  modified so that HOD will download the native dll
    file into the HOD HOME directory for webstart client and will
    load it from there.
    Fix is scheduled to be available in HOD 11.0.9 Refresh Pack
    

Temporary fix

  • Place the mscapi.dll file from server machine to any folder in
    client machine and add the path of this folder to the System
    Path
    

Comments

APAR Information

  • APAR number

    OA44174

  • Reported component name

    HOD MVS

  • Reported component ID

    5733A5900

  • Reported release

    B00

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt

  • Submitted date

    2014-01-04

  • Closed date

    2014-03-20

  • Last modified date

    2014-03-20

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

    UA73208 UA73209

Modules/Macros

  • JNI
    

Fix information

  • Fixed component name

    HOD MVS

  • Fixed component ID

    5733A5900

Applicable component levels

  • RB09 PSY

       UP

[{"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSS9FA","label":"IBM Host On-Demand"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"B.0","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]

Document Information

Modified date:
16 October 2021