I am new to web service. I could find a warning message in my production environment AIX, Web Sphere 5.1. Please help me to solve this issue.
[7/14/11 5:12:36:282 GMT+08:00] 28efcd65 KeyStoreKeyLo W WSEC5189W: The certificate (Owner: "EMAILADDRESSemail@example.com, CN=SOAP 2.1 Test CA, OU=TRL, O=IBM, L=Yamato, ST=Kanagawa, C=JP") with alias "soapca" from keyStore "/usr/was51/AppServer/etc/ws-security/samples/dsig-sender.ks" will be expired in 43 days
Looks like the certificate (Owner: "EMAILADDRESSfirstname.lastname@example.org, CN=SOAP 2.1 Test CA, OU=TRL, O=IBM, L=Yamato, ST=Kanagawa, C=JP") with alias "soapca" in keyStore "/usr/was51/AppServer/etc/ws-security/samples/dsig-sender.ks" is going to expire in 43 days.
You may have to generate new or renew. Here is a blog on renewing certificates
I checked the mentioned blog. It seems we need to buy a new certificate and import it in the keystore. Prior to this, I would like to confirm whether "we are using this keystore and it's certificate is going to expire" or "we are not at all using this keystore and it is a general warning for keystores across websphere components"
Please help me to identify whether we are using this keystore or not. Where can I check and confirm this in websphere.
And also, if you find any document for renewing this certificate in AIX sever, please share it with here.
Thanks in advance.
Joined: May 01, 2007
Here are the following steps that I did to ensure the keystore ussage.
1.Traced the soap message and printed it. It clearly says there is no authentication header information present in the soap message.
2.Moved the keystore file to a backup location. We were able to call the webservice without any issue.
If anyone know how to disable that warning in websphere, please share it.