APAR status
Closed as documentation error.
Error description
This APAR describes the issues that customers encountered with IBM WebSphere Application Server Version 9.0. These issues were resolved as documentation updates in September 2020.
Local fix
N/A
Problem summary
**************************************************************** * USERS AFFECTED: This APAR provides a cumulative list of * * the * * documentation issues for September_2020 * * that * * affect users of IBM WebSphere Application * * Server Version 9.0. * **************************************************************** * PROBLEM DESCRIPTION: The Knowledge Centers for WebSphere * * Application Server Version 9.0 need to * * reflect customer enhancement requests * * received in problem management records * * (PMRs). These enhancements can include * * fixing technical inaccuracies or * * clarifying vague information. * **************************************************************** * RECOMMENDATION: * **************************************************************** See the Problem conclusion section for a description of the issues, which are described in customer Skill Cases/PMRs, and the documentation change or changes that will address these issues.
Problem conclusion
Note: As we update our knowledge centers, the following Version 9.0 modifications will be available. To access the latest on- line documentation, go to the product library page at https://www.ibm.com/docs/en/was-nd/9.0.5 and select the version and product that is appropriate for your WebSphere Application Server environment. The following Version 9.0 issues will be addressed: ID: #2097 Problem: Topic, Securing Liberty by using HTTP Strict Transport Security (HSTS), describes how to secure Liberty by using the HTTP Strict Transport Security (HSTS) - BUT - needs to warn the user to first verify that the server has an SSL end point defined. without this verification, first, the procedure might fail. Resolution: Topic, Securing Liberty by using HTTP Strict Transport Security (HSTS), is updated to warn the user to verify that the server being secured has an SSL end point defined - whether setting a web application context-parameter or a server- level web container custom property. -------- ID: #3499 Problem: Topic, CertificateRequestCommands command group of the AdminTask object describes the createCertificateRequest command. One of the command options to be used is, -certificateValidDays. However you get an error using this option. the doumentation is in error. Resolution: Topic, CertificateRequestCommands command group of the AdminTask object, is updated for the createCertificateRequest command. The -certificateValidDays option is not in the code. As such -certificateValidDays is removed from this topic. This update also applies to V8.5 level of the knowledge center. ----- ID: #3560 (GHE) Problem: Client is trying to implement the SAML SSO feature of Websphere Application Server for one of our clients, following the documentation does not help. For the SP initiated SSO, client followed the steps mentioned in topic, Enabling SAML SP- Initiated web single sign-on (SSO), but it is not working. This code is not getting executed at all. The topic is missing information and needs updating. Resolution: Topic, Enabling SAML SP-Initiated web single sign-on (SSO), is updated as follows: (1) The About this Task section of the topic is updated to read: The AuthnRequest must be Base64 encoded. This example uses the Base64 encoder that is provided in the com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory API. You can use any Base64 encoder that you want. For information, see (give the link to the javadoc for com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory). (2) In the code example, the following is added to the import list: import com.ibm.websphere.wssecurity.wssapi.WSSUtilFactory; (3) Before map.put the following code is added: // get an instance of the WSSUtilFactory WSSUtilFactory wssuf = WSSUtilFactory.getInstance(); // invoke an API from the instance String encAuthnMsg = wssuf.encode(authnMessage.getBytes()); (4) the map.put statement is changed to: map.put(AuthnRequestProvider.AUTHN_REQUEST, encAuthnMsg); This update also applies to Veraion V8.5 of the knowledge center. -------- ID: #3599 (GHE) Problem: Two JVM properties, java.net.preferIPv4Stack AND java.net.preferIPv6Addresses are missing from the documentation for the BASE level of the knowledge center and their descriptions need to be added. Resolution: Topic, Java virtual machine custom properties, is updated to add these properties to the base level. The properties read: java.net.preferIPv4Stack Use this property to disable IPv6 support. On operating systems where IPv6 support is available, the underlying native socket that the product uses is an IPv6 socket. On IPv6 network stacks that support IPv4-mapped addresses, you can use IPv6 sockets to connect to and accept connections from both IPv4 and IPv6 hosts. Setting this property to true disables the dual mode support in the JVM which might, in turn, disrupt normal product functions. Therefore, it is important to understand the full implications before using this property. In general, setting this property is not recommended. The default value for this custom property is false. java.net.preferIPv6Addresses Use this property to disable IPv4 support. Setting this property to true disables the dual mode support in the JVM which might, in turn, disrupt normal product functions. Therefore, it is important to understand the full implications before using this property. In general, setting this property is not recommended. The default value for this custom property is false. This update also applies to version 8.5 of the knowledge center. -------- ID: #3601 (GHE) Problem: Topic, Secure Sockets Layer client certificate authentication, needs clarification concerning Client certificate authentication. Resolution: Topic, Secure Sockets Layer client certificate authentication, is update as follows: Change: Client certificate authentication occurs if the server side requests that the client side send a certificate. A Websphere server can be configured for client certificate authentication on the SSL configuration TO: Client certificate authentication occurs if the server side requests that the client side send a certificate. A Websphere server can be configured for client certificate authentication on the SSL configuration. Note that this configuration only affects WebSphere when it is acting as a server, not when it is acting as a client. This update also applies to version 8.5 of the knowledge center. ------- ID: #3623 (GHE) Problem: Client is using the removenode command to remove a node that was created with a Cell profile (using the cell profile creation process. Removing this kind of node is not possible using the removenode command and should be indicated in the knowledge center. Resolution: Topics, removeNode command, and topic,Creating cell profiles, are update with a note that reads: IMPORTANT Do not run the removeNode command if the application server node was built as part of a cell profile creation. Running the removeNode for this type of node results in the following message: ADMU2035W: WARNING! Node removal utility is unable to remove this node since it was created during Cell Profile creation. Your current node has not been modified This update also applies to version 8.5 of the knowledge center. -------
Temporary fix
Comments
APAR Information
APAR number
PH29729
Reported component name
WEBSPHERE APP S
Reported component ID
5724J0800
Reported release
900
Status
CLOSED DOC
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2020-09-22
Closed date
2020-09-25
Last modified date
2021-09-27
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Applicable component levels
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSEQTP","label":"WebSphere Application Server"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"9.0","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
01 November 2021