IBM Support

PK25287: EXCEPTION JAVA.LANG.SECURITYEXCEPTION: THE IBMJCE4758 PROVIDER MAY HAVE BEEN TAMPERED. AFFECTS IBMJCE4578 USERS ONLY

Subscribe

You can track all active APARs for this component.

 

APAR status

  • Closed as program error.

Error description

  • Customers using JAVA 131s with IBMJCE4758 may see this error:

Exception java.lang.SecurityException: The IBMJCE4758 provider
may have been tampered.

It will occur after the appplication has been restarted.

The failure is due to an expiration of the JCE certificate.
Additional Verification Steps:

To further ensure that this fix is needed, you need to run with
the security debug trace,
 -Djava.security.auth.debug=all

Exception com.ibm.crypto.hdwrCCA.provider.h isTrusted
java.security.cert.CertificateExpiredException: NotAfter: Thu
Thu May 18 21:59 GMT 2006

Local fix

  • The fix can be obtained and installed as follows:

Please visit the following:
http://www-1.ibm.com/support/docview.wss?uid=isg3T1010263
 Review this flash, and follow the appropriate link for
JAVA 131s.  Retrieve the appropriate replacement jar file
based on your current maintenance level.
Follow the installation instructions found in the flash
section :
How to install the Temporary Fix :

With the new jar file in place, restart your application.
This temporary fix contains a re-signed certificate.
The temporary fix extends the expiration date to April 26, 2008.
The final fix will eliminate certificate expiration date
checking by the IBMJCE4758 provider.

Problem summary

  • Error "java.lang.SecurityException: The
IBMJCE4758 provider may have been tampered" can occur when using
 the IBMJCE4758 provider on z/OS JAVA at SDK131s and some SDK142
 service levels after the date of May 18, 2006

Problem conclusion

  • Fixed in 1.3.1 SR 10

Temporary fix

  • 



Comments


    

  • 



APAR Information




    

  • APAR number
    PK25287
    • 

  • Reported component name
    JAVA(1.3/1.4 CO
    • 

  • Reported component ID
    5648C9800
    • 

  • Reported release
    130
    • 

  • Status
    CLOSED  PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    YesHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2006-05-22
    • 

  • Closed date
    2007-03-26
    • 

  • Last modified date
    2007-03-26
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    JAVA(1.3/1.4 CO
    • 

  • Fixed component ID
    5648C9800
    • 



Applicable component levels


    








      
              
                            

              

              [{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SUPPORT","label":"IBM Worldwide Support"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"1.3.1","Edition":"","Line of Business":{"code":"","label":""}}]
              

                                                                    

          
 
        

      

    

      

        

          

            
Document Information


            

            


                        

            Modified date:
            

            09 February 2022
            

            
                      

        


        

        


      

    

  



    

  

  
    
            

          
Page Feedback