A fix is available
APAR status
Closed as program error.
Error description
An SSLPeerUnverifiedException can be thrown in the wladm Ant task, despite the secure="false" attribute that is supposed to suppress this exception. An SSLPeerUnverifiedException can be thrown in the wladm program, despite the --secure=false option that is supposed to suppress this exception.
Local fix
Use an Oracle JRE instead of an IBM JRE.
Problem summary
**************************************************************** * USERS AFFECTED: * * Worklight Server administrators who use wladm with option * * secure="false", with IBM JRE and Worklight 6.2.0.0. * **************************************************************** * PROBLEM DESCRIPTION: * * Although wladm is being used with option secure="false", an * * exception stack trace is printed that contains * * Caused by: javax.net.ssl.SSLPeerUnverifiedException: peer * * not authenticated * * at * * com.ibm.jsse2.SSLSessionImpl.getPeerCertificates(SSLSessionI * * mpl.java:168) * * at * * org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVer * * ifier.java:128) * * at * * org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLS * * ocketFactory.java:397) * * at * * org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLS * * ocketFactory.java:495) * * at * * org.apache.http.conn.scheme.SchemeSocketFactoryAdaptor.conne * * ctSocket(SchemeSocketFactoryAdaptor.java:62) * * at * * org.apache.http.impl.conn.DefaultClientConnectionOperator.op * * enConnection(DefaultClientConnectionOperator.java:148) * * at * * org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoo * * lEntry.java:149) * * at * * org.apache.http.impl.conn.AbstractPooledConnAdapter.open(Abs * * tractPooledConnAdapter.java:121) * * at * * org.apache.http.impl.client.DefaultRequestDirector.tryConnec * * t(DefaultRequestDirector.java:573) * * at * * org.apache.http.impl.client.DefaultRequestDirector.execute(D * * efaultRequestDirector.java:425) * * at * * org.apache.http.impl.client.AbstractHttpClient.execute(Abstr * * actHttpClient.java:820) * * at * * org.apache.http.impl.client.AbstractHttpClient.execute(Abstr * * actHttpClient.java:754) * * at * * org.apache.http.impl.client.AbstractHttpClient.execute(Abstr * * actHttpClient.java:732) * * at * * com.ibm.worklight.admin.restclient.RESTClient.getResponse(RE * * STClient.java:936) * **************************************************************** * RECOMMENDATION: * * - * ****************************************************************
Problem conclusion
Fixed in Worklight 6.2.0.1: The code is modified so that the SSL handshake works also with IBM JRE.
Temporary fix
Comments
APAR Information
APAR number
PI24840
Reported component name
WORKLIGHT CONSU
Reported component ID
5725I4301
Reported release
620
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2014-08-29
Closed date
2014-09-09
Last modified date
2014-09-09
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
WORKLIGHT CONSU
Fixed component ID
5725I4301
Applicable component levels
R620 PSY
UP
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSZH4A","label":"IBM Worklight"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"620","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
15 October 2021