What's New

Read about changes to the IBM security providers and utilities that are provided with this release.

Any modifications that are made to this guide to support a service refresh are indicated by graphic images, for example: A graphic containing a forward-facing arrow head, and the characters SR1. In this image, SR1 indicates the start of changes that are made for service refresh 1. The end of each modification is marked by the following icon: A graphic containing a backward-facing arrow head. .

Changes not associated with a specific service refresh or fix pack

End of FIPS 140-2 certification for IBMJCEFIPS provider: The FIPS 140-2 cryptographic module certification for the IBM JCE FIPS Provider (IBMJCEFIPS), as documented in Cryptographic Module Validation Program CMVP, Certificate #2715, expired on 21 August 2021 and will not be renewed. The ibmjcefips.jar file will remain part of the SDK however you should upgrade to service refresh 7 or later and use the IBMJCEPlusFIPS JCE cryptographic provider to achieve FIPS 140-2 compliance of applications in future. (The IBMJCEPlusFIPS provider was added in service refresh 6, fix pack 10 but was signed with the SHA256withRSA signature algorithm in service refresh 7, for enhanced security.)

Other changes

Use the subtopics to learn about changes for specific service refreshes and fix packs.