Question & Answer
Question
How do I fix the SSL exception CWPKI0022E "KeyUsage does not allow digital signatures" in WebSphere Application Server?
WSX509TrustMa E CWPKI0022E: SSL HANDSHAKE FAILURE: A signer with SubjectDN "CN=LDAP.ibm.com, OU=websphere, O=ibm.com" was sent from target host:port " ldap://LDAP.IBM.COM:636 The signer may need to be added to local trust store "/opt/was80/AppServer/etc/LDAPServerTrustFile.jks" located in SSL configuration alias "LDAPCERT" loaded from SSL configuration file "security.xml". The extended error message from the SSL handshake exception is: "KeyUsage does not allow digital signatures".
[{"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Component":"SSL","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF016","label":"Linux"},{"code":"PF033","label":"Windows"}],"Version":"All Versions","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
03 March 2025
UID
ibm13380067