• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

ws-security certificate expiration warning in web sphere application server

 
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Dear friends,
I am new to web service. I could find a warning message in my production environment AIX, Web Sphere 5.1. Please help me to solve this issue.

============================================================================================================
[7/14/11 5:12:36:282 GMT+08:00] 28efcd65 KeyStoreKeyLo W WSEC5189W: The certificate (Owner: "[email protected], CN=SOAP 2.1 Test CA, OU=TRL, O=IBM, L=Yamato, ST=Kanagawa, C=JP") with alias "soapca" from keyStore "/usr/was51/AppServer/etc/ws-security/samples/dsig-sender.ks" will be expired in 43 days
============================================================================================================

Thanks in advance,
Murugesh.
 
Ranch Hand
Posts: 126
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Looks like the certificate (Owner: "[email protected], CN=SOAP 2.1 Test CA, OU=TRL, O=IBM, L=Yamato, ST=Kanagawa, C=JP") with alias "soapca" in keyStore "/usr/was51/AppServer/etc/ws-security/samples/dsig-sender.ks" is going to expire in 43 days.

You may have to generate new or renew. Here is a blog on renewing certificates

http://enerosweb.wordpress.com/2010/10/12/renew-certificate-in-websphere-keystore-while-retaining-same-alias/

Thanks
Anant
 
Murugesan Narayanasamy
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Dear Anant,

Thank you for your reply.

I checked the mentioned blog. It seems we need to buy a new certificate and import it in the keystore. Prior to this, I would like to confirm whether "we are using this keystore and it's certificate is going to expire" or "we are not at all using this keystore and it is a general warning for keystores across websphere components"

Please help me to identify whether we are using this keystore or not. Where can I check and confirm this in websphere.

And also, if you find any document for renewing this certificate in AIX sever, please share it with here.

Thanks in advance.

Thanks,
Murugesh.
 
Murugesan Narayanasamy
Greenhorn
Posts: 8
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Dear Friends,
Here are the following steps that I did to ensure the keystore ussage.

1.Traced the soap message and printed it. It clearly says there is no authentication header information present in the soap message.
2.Moved the keystore file to a backup location. We were able to call the webservice without any issue.

If anyone know how to disable that warning in websphere, please share it.

Thanks,
Murugesh.
 
It's a tiny ad only because the water is so cold.
Smokeless wood heat with a rocket mass heater
https://woodheat.net
reply
    Bookmark Topic Watch Topic
  • New Topic