VOOZH about

URL: https://www.ibm.com/support/pages/apar/IJ47117

⇱ IJ47117: KEYTOOL -GENCERT FAILS WITH EXTENSIONS (-EXT OPTIONS)

IJ47117: KEYTOOL -GENCERT FAILS WITH EXTENSIONS (-EXT OPTIONS)

APAR status

  • Closed as program error.

Error description

  • Error Message: (1) The "keytool -gencert" with "-ext
honored=-2.5.29.35,-2.5.29.14" fails with the following error:
keytool error (likely untranslated): java.lang.RuntimeException:
java.io.IOException: No extension found with name
x509.info.extensions.AuthorityKeyIdentifier
(2) The "keytool -gencert" with "-ext san=dns:a" fails with the
following error:
keytool error (likely untranslated): java.lang.RuntimeException:
java.io.IOException: SubjectAlternativeName: Illegal argument
type
.
Stack Trace: N/A
.

Local fix



Problem summary


    

  • (1) The name format was wrong for the extensions.
(2) A proper constructor was missing.



Problem conclusion


    

  • A fix is made to IBMJCE and IBMPKCS
The associated Hursley RTC Problem Report is 149346
JVMs affected: Java 8
The fix was delivered for Java 8 SR8 FP10
The affected jar is "ibmjceprovider.jar" and "ibmpkcs.jar"
The build level of ibmjceprovider.jar for the affected releases
is "8.0 build_20230602-17"
The build level of ibmpkcs.jar for the affected releases is "8.0
build_20230602-20"
.
This APAR will be fixed in the following Releases:
.
IBM SDK, Java Technology Edition
 8 SR8 FP10 (8.0.8.10)
.
Contact your IBM Product's Service Team for these Service
Refreshes and Fix Packs.
For those running stand-alone, information about the available
maintenance can be found at:
 https://www.ibm.com/support/pages/java-sdk



Temporary fix


    



Comments


    



APAR Information




    

  • APAR number
    IJ47117
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2023-06-06
    • 

  • Closed date
    2023-06-14
    • 

  • Last modified date
    2023-06-14
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels







 
 
 
 

 [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 15 June 2023