Question & Answer
Question
At certain times, such as after re-signing TEP jar files or after new or updated ITM agent application support files are loaded, the following alert is seen during a TEP login. What is the recommended practice to manage this condition?
Cause
Java security needs to know that loaded jar files are ok to use. The jar files contain "code signing certificates" that need to be validated.
Answer
Customers can use two methods to manage this condition:
1) Click OK to allow use for this one session. Do that on each session startup.
2) Click on "Accept this certificate permanently" and then click OK. Subsequently that alert will not be seen.
These certificates are stored in application specific locations. There is a general "java" location and on one test system it was
C:\Program Files (x86)\Java\jre1.8.0_161\lib\security
The file name is cacerts. Basically wherever Java is installed [JAVA_HOME] and lib\security\cacerts within that.
Here is a document which has an introduction to this aspect of java computing
https://medium.com/@codebyamir/the-java-developers-guide-to-ssl-certificates-b78142b3a0fc
and it mentions a JDK tool to display certs within the cacerts file.
ITM does not have any procedure or tool to update that cacerts on the end user workstation. Thus each user should be told how to proceed.
[{"Line of Business":{"code":"","label":""},"Business Unit":{"code":"BU054","label":"Systems w/TPS"},"Product":{"code":"SSCTLMQ","label":"ITM Tivoli Enterprise Portal Server V6"},"ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]
Product Synonym
ITM6
Was this topic helpful?
Document Information
Modified date:
28 December 2020
UID
ibm16394500