IBM Support

PI57981: Changing SSLDefault may still require unnecessary configuration of defaultKeystore

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • After altering SSLDefault to use an SSL configuration that
    does not use defaultKeystore, and installing the remote EJB
    feature (such as by using JavaEE7), you may need to
    explicitly configure defaultKeystore anyway to avoid error
    messages indicating the ORB will not start. Alternatively
    you can explicitly configure defaultIIOPEndpoint to use the
    same sslRef as SSLDefault.
    

Local fix

Problem summary

  • ****************************************************************
    * USERS AFFECTED:  All users of IBM WebSphere Application      *
    *                  Server Liberty Profile - SSL                *
    ****************************************************************
    * PROBLEM DESCRIPTION: Changing SSLDefault may still require   *
    *                      unnecessary configuration of            *
    *                      defaultKeystore                         *
    ****************************************************************
    * RECOMMENDATION:                                              *
    ****************************************************************
    After altering SSLDefault to use an SSL configuration that does
    not use defaultKeystore, and installing the remote EJB feature
    (such as by using JavaEEee7), you may need to explicitly
    configure defaultKeystore anyway to avoid error messages
    indicating the ORB will not start. Alternatively you can
    explicitly configure defaultIIOPEndpoint to use the same sslRef
    as SSLDefault.
    

Problem conclusion

  • The iiopEndpoint element will now use the SSLDefault setting to
    determine the default sslRef if not explicitly specified.
    
    The fix for this APAR is currently targeted for inclusion in fix
    pack 8.5.5.9.  Please refer to the Recommended Updates page for
    delivery information:
    http://www.ibm.com/support/docview.wss?rs=180&uid=swg27004980
    

Temporary fix

  • Explicitly configure defaultKeystore or explicitly configure
    defaultIIOPEndpoint to use the same sslRef as SSLDefault.
    

Comments

APAR Information

  • APAR number

    PI57981

  • Reported component name

    WAS LIBERTY COR

  • Reported component ID

    5725L2900

  • Reported release

    855

  • Status

    CLOSED PER

  • PE

    NoPE

  • HIPER

    NoHIPER

  • Special Attention

    NoSpecatt / Xsystem

  • Submitted date

    2016-02-24

  • Closed date

    2016-02-24

  • Last modified date

    2016-02-24

  • APAR is sysrouted FROM one or more of the following:

  • APAR is sysrouted TO one or more of the following:

Fix information

  • Fixed component name

    WAS LIBERTY COR

  • Fixed component ID

    5725L2900

Applicable component levels

  • R855 PSY

       UP

[{"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Product":{"code":"SSD28V","label":"WebSphere Application Server Liberty Core"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"855","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]

Document Information

Modified date:
13 October 2021