APAR status
Closed as program error.
Error description
In the OpenID Connect (OIDC) Trust Association Interceptor (TAI), when the provider_(id).signatureAlgorithm OIDC TAI property is set to the value 'none', one of the following errors might occur, depending on the WebSphere fixpack installed: CWTAI2047E: A signing key required by the <null> signature algorithm was not available. Signing key is not valid CWTAI2061E: The OpenID Connect relying party (RP) failed to initialize because the value of optional property [signatureAlgorithm] is set to [none], which is not one of the supported values [RS256, RS512, HS256].
Local fix
Problem summary
**************************************************************** * USERS AFFECTED: All users of IBM WebSphere Application * * Server * * and the OIDC TAI * **************************************************************** * PROBLEM DESCRIPTION: Setting the OIDC TAI signatureAlgorithm * * property to none results in error * * CWTAI2047E or CWTAI2061E. * **************************************************************** * RECOMMENDATION: Install a fix pack or interim fix that * * contains this APAR. * **************************************************************** Setting the OIDC TAI signatureAlgorithm property to none results in error CWTAI2047E or CWTAI2061E.
Problem conclusion
The OIDC TAI is updated so that the provider_(id).signatureAlgorithm property can be set to the valu 'none' without error. The fix for this APAR is targeted for inclusion in fix pack 8.5.5.23 and 9.0.5.13. For more information, see 'Recommended Updates for WebSphere Application Server': https://www.ibm.com/support/pages/node/715553
Temporary fix
Comments
APAR Information
APAR number
PH45740
Reported component name
WEBS APP SERV N
Reported component ID
5724H8800
Reported release
850
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2022-04-18
Closed date
2022-06-17
Last modified date
2022-06-17
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WEBS APP SERV N
Fixed component ID
5724H8800
Applicable component levels
[{"Line of Business":{"code":"LOB45","label":"Automation"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"8.5"}]
Document Information
Modified date:
18 June 2022