Attention expiration du mot de passe plugin-key.kdb le 26 avril 2012
Patrice VIALOR 22 Avril 2012 09:18:19
Voici la description en anglais du problème potentiel que vous pourriez rencontrer. Cela peut concerner notamment votre plateforme IBM Connections."The WebSphere Application Server web server plug-in (web server plug-in) comes with a plugin-key.kdb file upon installation. The default password of WebAS is set to expire by April 26, 2012 US EDT.
After the password expiration date passes, the next time the web server running the web server plug-in is restarted, or the next time the plugin-cfg.xml is modified, the HTTPS (SSL) connectivity between the web server plug-in and the WebSphere Application Server might fail or revert to a non-SSL function and will not be encrypted.
This has no affect on the connection between the client (browser) and the web server that do not use the plugin-key.kdb for their certificate exchange. Only connections between the web server plug-in and the WebSphere Application Server will have the problem. For systems that use this file for their web server security, corrective action will need to taken as outlined in this Flash.
In some less common configurations, in which HTTP transports have been explicitly disabled, blocked, or removed, the web server plug-in will fail to forward the incoming requests returning an immediate error (HTTP 500 -- Internal Server Error)."
Vous êtes encouragés par IBM à changer le mot de passe ou mieux utiliser votre propre certificat auto-généré ou en acquerir un auprès d'un organisme accrédité (verisign,etc).
Voici le lien vers la technote.
- Commentaires [0]
