IZ48262: SOAP Client fails to initialize if using trust store with password

IBM Tivoli Federated Identity Manager 6.2.0 fix pack 3 (6.2.0-TIV-TFIM-FP0003)
Tivoli Federated Identity Manager 6.2.0 Fixpack 8 (6.2.0-TIV-TFIM-FP0008)
IBM Tivoli Federated Identity Manager Business Gateway v6.2.0, Fix Pack 8, 6.2.0-TIV-TFIMBG-FP0008
Tivoli Federated Identity Manager 6.2.0 Fixpack 9 (6.2.0-TIV-TFIM-FP0009)
Tivoli Fed Id Mgr Business Gateway v6.2.0, Fix Pack 9, 6.2.0-TIV-TFIMBG-FP0009
Tivoli Federated Identity Manager 6.2.0 Fixpack 13 (6.2.0-TIV-TFIM-FP0013)
Tivoli Fed Id Mgr Business Gateway v6.2.0, Fix Pack 13, 6.2.0-TIV-TFIMBG-FP0013

APAR status

• Closed as program error.

Error description

• If an OpenID service provider is configured to perform HTTPS
  server certificate validation with a keystore that is protected
  with a password, the client will fail to connect to any HTTPS
  OpenID identity provider with a NullPointerException.
  

Local fix

• The only workaround is to store the keys in the
  DefaultTrustedKeyStore which does not have a password
  associated with it, then use this keystore in the TFIM
  OpenID service provider configuration.
  

Problem summary

• This was a simple null condition checking error.
  

Problem conclusion

• The fix for this APAR will be contained in the following
  maintenance packages:
  | fix pack | 6.2.0-TIV-TFIM-FP0003 |
  

Temporary fix

Comments

APAR Information

• APAR is sysrouted FROM one or more of the following:

• APAR is sysrouted TO one or more of the following:

Fix information

• Fixed component name

  TIV FED ID MGR

• Fixed component ID

  5724L7300

Applicable component levels

• R620 PSY

     UP