APAR status
Closed as program error.
Error description
If the configured truststore contains a private key and the integration server is not configured with a truststore password (because the truststore password is the default password), HTTPS connections from the HTTPRequest node may fail with the error java.lang.IllegalArgumentException: password can't be null. In this case, the system log records the BIP3165E error message. BIP3165E: An error occurred whilst performing an SSL socket operation. Operation: setSSLOptions. Error Text: java.lang.IllegalArgumentException: password can't be null.
Local fix
Set the password of the keystore in the server.conf.yaml file
Problem summary
**************************************************************** USERS AFFECTED: All users of IBM App Connect Enterprise V12.0 and V13.0 using a keystore with the default password. Platforms affected: AIX, WinX64, LinuxZ64, LinuxPPCLE64, LinuxX64 **************************************************************** PROBLEM DESCRIPTION: If the keystore is configured with the default password and the password is not explicitly specified in the server.conf.yaml file, keystore loading by the HTTPRequest node may fail with a BIP3165E error. BIP3165E: ( BKR13.default ) An error occurred whilst performing an SSL socket operation. Operation: 'setSSLOptions'. Error Text: '<com.ibm.broker.plugin.MbRecoverableException class:SecurityUtils method:loadDefaultKeyManagerFactory source:BIPmsgs key:2113 >' A service trace captured for this scenario shows the following exception stack: java.security.UnrecoverableKeyException: Password must not be null at java.base/sun.security.provider.JavaKeyStore.engineGetKey(JavaKe yStore.java:153) at java.base/sun.security.util.KeyStoreDelegator.engineGetKey(KeySt oreDelegator.java:91) at java.base/java.security.KeyStore.getKey(KeyStore.java:1050) at java.base/sun.security.ssl.SunX509KeyManagerImpl.(SunX509KeyMana gerImpl.java:141) at java.base/sun.security.ssl.KeyManagerFactoryImpl$SunX509.engineI nit(KeyManagerFactoryImpl.java:64) at java.base/javax.net.ssl.KeyManagerFactory.init(KeyManagerFactory .java:275) at com.ibm.broker.javastartparameters.SecurityUtils.loadKeyManagerF actory(SecurityUtils.java:100) at com.ibm.broker.imbsslsocket.MbSslSocket.setSSLOptions(MbSslSocke t.java:1221)
Problem conclusion
The product now correctly loads keystores that use the default password. --------------------------------------------------------------- The fix is targeted for delivery in the following PTFs: Version Maintenance Level v12.0 12.0.12.25 v13.0 13.0.7.0 The latest available maintenance can be obtained from: http://www-01.ibm.com/support/docview.wss?rs=849&uid=swg27006041 If the maintenance level is not yet available,information on its planned availability can be found on: http://www-1.ibm.com/support/docview.wss?rs=849&uid=swg27006308 ---------------------------------------------------------------
Temporary fix
Comments
APAR Information
APAR number
IT49031
Reported component name
APP CONNECT ENT
Reported component ID
5724J0570
Reported release
D0X
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2026-02-04
Closed date
2026-03-23
Last modified date
2026-03-23
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
APP CONNECT ENT
Fixed component ID
5724J0570
Applicable component levels
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSDR5J","label":"IBM App Connect Enterprise"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"13.0.0","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
Document Information
Modified date:
23 March 2026