A fix is available
APAR status
Closed as program error.
Error description
The server does not start after enabling AES encryption. When the issue happens, SystemOut.log and ffdc shows error messages that suggest keystore failed to open and sockets are not created. ---Sample SystemOut.log ------ 12/21/20 14:37:22:671 CET] 00000001 SecurityCompo A JSAS0009I: IOR interceptor registered. [12/21/20 14:37:22:729 CET] 00000001 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on C:\IBM\Workflow\V20\profiles\DmgrProfile\log s\ffdc\dmgr_93c5a0df_20.12.21_14.37.22.7134680412014954678933.tx t com.ibm.ws.ssl.provider.AbstractJSSEProvider 601 [12/21/20 14:37:22:731 CET] 00000001 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on C:\IBM\Workflow\V20\profiles\DmgrProfile\log s\ffdc\dmgr_93c5a0df_20.12.21_14.37.22.729508452025414219953.txt com.ibm.websphere.ssl.JSSEHelper.getSSLContext 704 [12/21/20 14:37:22:733 CET] 00000001 FfdcProvider W com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on C:\IBM\Workflow\V20\profiles\DmgrProfile\log s\ffdc\dmgr_93c5a0df_20.12.21_14.37.22.7321517362465944198880.tx t com.ibm.ws.security.orbssl.WSSSLServerSocketFactoryImpl.create SSLServerSocket 459 -------------------------------------------- ---Sample trace (SASRas=all) output ---------- Current trace specification = *=info:com.ibm.ws.security.=all:com.ibm.websphere.security.=all: SASRas=all ************* End Display Current Environment ************* [1/4/21 11:23:58:197 CET] 00000001 ManagerAdmin I TRAS0018I: The trace state has changed. The new trace state is *=info:com.ibm.ws.security.=all:com.ibm.websphere.security.=all: SASRas=all. ... [1/4/21 11:23:59:488 CET] 00000001 ModelMgr I WSVR0801I: Initializing all server configuration models [1/4/21 11:24:21:603 CET] 00000001 PropertyManag 3 getInstance reinitialize=true [1/4/21 11:24:21:603 CET] 00000001 PropertyManag 3 getInstance no param [1/4/21 11:24:21:605 CET] 00000001 PropertyManag > initialize Entry [1/4/21 11:24:21:605 CET] 00000001 PropertyManag > getCellName Entry [1/4/21 11:24:21:606 CET] 00000001 PropertyManag 3 isServer=false Trying to get local.cell System property [1/4/21 11:24:21:606 CET] 00000001 PropertyManag < cellName null Exit <========== Server fails to obtain cellName ---------------------------------------------------
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server * * that has AES encryption enabled. * **************************************************************** * PROBLEM DESCRIPTION: The server fails to decrypt the AES * * encrypted passwords at startup due to * * timing issue * **************************************************************** * RECOMMENDATION: * **************************************************************** At server startup, occasionally, the AES encrypted passwords were not successfully decrypted. It was due to the delay in loading necessary information to perform decryption.
Problem conclusion
The timing issue has been fixed. The fix for this APAR is targeted for inclusion in fix pack 8.5.5.20 and 9.0.5.8. For more information, see 'Recommended Updates for WebSphere Application Server': https://www.ibm.com/support/pages/node/715553
Temporary fix
Comments
APAR Information
APAR number
PH34028
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2021-02-01
Closed date
2021-03-03
Last modified date
2021-04-01
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
R850 PSY
UP
R900 PSY
UP
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
02 November 2021