• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

WebSphere 7.0 - logs warning - expiration certification authority

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I need your big help... It is less than 90 days left of expiration of WebSphere 7.0's CA...

The log said:
--------------------------
*** CERTIFICATES WITHIN THE 90 DAYS OF THE CERTIFICATE EXPIRATION THRESHOLD (MAY BE REPLACED WITHIN 90 DAYS) ***;
CWPKI0714I: The certificate expiration monitor has recently run and discovered that the certificates, which are listed in associated messages, will be replaced within the next 90 days. This replacement is based on the configured policy to automatically replace expiring self-signed certificates 60 days prior to expiration. This notification is informs you that problems might arise when the certificates are automatically replaced.

CWPKI0715I: In some cases, automatically replacing certificates can cause outages for Web server plug-ins operating on unmanaged nodes. In such a situation, the plug-in will be unable to contact the application servers over HTTPS because it will be using signers for certificates that have been replaced by the automatic replacement process. To prevent what may be and serious outage you should act before the scheduled replacement date and replace the expiring certificates and update the plug-in kdb to use the new signers.

CWPKI0719I: The default personal certificate in the "NodeRSATokenKeyStore((cell):xxxxNode01Cell:(node):xxxxNode01)" keystore is due to expire on Jun 9, 2013 and might be replaced after the Apr 10, 2013 threshold date.
--------------------------

I recieved the CA last 2011 and good till May 14, 2014 but the log warned me and the expiration will be on Jun 9, 2013? How can I extend from June 9, 2013 to May 14, 2014???

Also should I uncheck 2 boxes at: SSL certificate and key management > Manage certificate expiration
* Automatically replace expiring self-signed and chained certificates
* Delete expiring certificates and signers after replacement

Hope to hear from you real soon... Thanks.

Tom
 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hope you've found the solution, it's easy to renew
http://pic.dhe.ibm.com/infocenter/wasinfo/v7r0/topic/com.ibm.websphere.nd.doc/info/ae/ae/tsec_7renewcecacert.html
 
Marshal
Posts: 28193
95
Eclipse IDE Firefox Browser MySQL Database
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
seenu menati,
Your post was moved to a new topic.
 
Hot dog! An advertiser loves us THIS much:
a bit of art, as a gift, that will fit in a stocking
https://gardener-gift.com
reply
    Bookmark Topic Watch Topic
  • New Topic