IBM Support

IV96478: TADDM DMC FAILS TO START WITH "WEAK SIGNATURE ALGORITHM MD5WITHRSA AND IS TREATED AS UNSIGNED" AFTER UPGRADING JRE

Subscribe to this APAR

By subscribing, you receive periodic emails alerting you to the status of the APAR, along with a link to the fix after it becomes available. You can track this item individually or track all items by product.

Notify me when this APAR changes.

Notify me when an APAR for this component changes.

 

APAR status

  • Closed as program error.

Error description

  • TADDM Discovery Management Console fails with " weak signature
algorithm MD5withRSA and is treated as unsigned" after upgrading
the client JRE to Oracle 1.8 update 131 or IBM SR4 FP5.

TADDM jar files are currently signed with the MD5withRSA
algorithm. In the latest releases of the above mentioned JRE's
this algorithm is restricted by default to push towards stronger
cryptography algorithms.

Local fix

  • To work around this issue perform the following steps on the
client to re-enable the MD5 algorithm. There is no known new
threat by re-enabling MD5 signed jar support.
On the client, locate the java.security file in the java 8
installation directory, for example:

C:\Program Files\Java\jre1.8.0_131\lib\security\java.security

edit this file and delete entry "MD5" from the
jdk.jar.disabledAlgorithms list:

## jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
jdk.jar.disabledAlgorithms=MD2, RSA keySize < 1024

If you get an http 502 error (Bad Gateway) after this change,
then we recommend that you clear the java webstart cache, and
try again.

Problem summary

  • ****************************************************************
* USERS AFFECTED:                                              *
* All TADDM Users                                              *
****************************************************************
* PROBLEM DESCRIPTION:                                         *
* TADDM Discovery Management Console fails with "Weak          *
* signature algorithm MD5withRSA and is treated as unsigned"   *
* after upgrading                                              *
* the client JRE to Oracle 1.8 update 131 or IBM SR4 FP5.      *
*                                                              *
* TADDM jar files are currently signed with the MD5withRSA     *
* algorithm. In the latest releases of the above mentioned     *
* JREs,  this algorithm is restricted by default to push       *
* towards stronger cryptography algorithms.                    *
*                                                              *
* Updated the alogithm to resolve the issue.                   *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************

Problem conclusion

  • The fix for this APAR is contained in the following maintenance
packages:
| Fix Pack | 7.3.0-TIV-ITADDM-FP0004

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    IV96478
    • 

  • Reported component name
    APP DEPENDENCY
    • 

  • Reported component ID
    5724N5500
    • 

  • Reported release
    730
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2017-05-26
    • 

  • Closed date
    2017-09-22
    • 

  • Last modified date
    2017-09-22
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Modules/Macros


    

  • 999

    



Fix information


    

  • Fixed component name
    APP DEPENDENCY
    • 

  • Fixed component ID
    5724N5500
    • 



Applicable component levels


    

  • R730  PSY
       UP
    • 








      
              
                            

              

              [{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSPLFC","label":"Tivoli Application Dependency Discovery Manager"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"730","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            22 September 2017
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback