PK82324: SECJ0363E WHEN THE X500 DISTINGUISHED NAME CONTAINS OID:2.5.4.5 AND + (PLUS) CHARACTERS

Fixes are available

APAR status

Closed as program error.

Error description

SECJ0363E message is issued in a servant region,
SECJ0363E: Cannot create credential for the user
2.5.4.5=#130731323334353637 + CN=TestID +
UID=TestUserID,OU=users,O=TEST,C=US
because of the following exception {1}.
-
The user name is actually
serialNumber=1234567+CN=TestID+UID=TestUserID,OU=users,O=TEST,
C=US
-
The corrupted user name occurs consistently with some users, but
succeeds for other users.  No pattern can be detected for the
cause.

Local fix

Problem summary

****************************************************************
* USERS AFFECTED:  All users of IBM WebSphere Application      *
*                  Server V6.1.0                               *
****************************************************************
* PROBLEM DESCRIPTION: SECJ0363E when an incoming token        *
*                      contains extended attributes or         *
*                      Attribute Value Assertion(AVA)          *
****************************************************************
* RECOMMENDATION:                                              *
****************************************************************
A java class which parses incoming ASN.1.DER bytes to Java
String object doesn't parse some extended X509 attributes and
AVA properly. As a result, authentication is failed
due to unknown ID.

Problem conclusion

With this fix, ASN.1.DER bytes which contain extended X509
attributes or AVA are decoded properly.

APAR PK82324 is currently targeted for inclusion in
Service Level (Fix Pack) 6.1.0.26 of WebSphere
Application Server V6.1 for z/OS.

Please refer to URL:
//www.ibm.com/support/docview.wss?rs=404&uid=swg27006970
for Fix Pack availability.

Temporary fix

Comments

APAR Information

APAR number
PK82324
Reported component name
WEBSPHERE FOR Z
Reported component ID
5655I3500
Reported release
610
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt
Submitted date
2009-03-11
Closed date
2009-05-05
Last modified date
2009-10-03

APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:

PK82424 PK82427

Fix information

Fixed component name
WEBSPHERE FOR Z
Fixed component ID
5655I3500

Applicable component levels

R610 PSY UK49671
UP09/09/21 P F909

Fix is available

Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS7K4U","label":"WebSphere Application Server for z\/OS"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"6.1","Line of Business":{"code":"LOB45","label":"Automation"}}]

Document Information

Modified date:
29 December 2021

Tips

PK82324: SECJ0363E WHEN THE X500 DISTINGUISHED NAME CONTAINS OID:2.5.4.5 AND + (PLUS) CHARACTERS

Fixes are available

Subscribe

APAR status

Closed as program error.

Error description

Local fix

Problem summary

Problem conclusion

Temporary fix

Comments

APAR Information

APAR number

Reported component name

Reported component ID

Reported release

Status

PE

HIPER

Special Attention

Submitted date

Closed date

Last modified date

APAR is sysrouted FROM one or more of the following:

APAR is sysrouted TO one or more of the following:

Fix information

Fixed component name

Fixed component ID

Applicable component levels

R610 PSY UK49671

Fix is available

Select the PTF appropriate for your component level. You will be required to sign in. Distribution on physical media is not available in all countries.

Document Information

Share your feedback

Need support?