Running a simple java program which fetches the credentials for an alias using the method a java method. The return status is "400" (OK) and the corresponding method returns the username for the alias.

However, the method to return the password returns "null" instead of the password.

CA PAM all versions up to 4.2.1 at least

Oracle java version 17.X

This is caused by the jar files for the PAM A2A clients being signed with a SHA1 algorithm

By default, later versions of java will consider jar signed with insecure versions of the algorithms as unsigned, causing this type of issue

It is possible to allow for jar files signed with weaker algorithms by modifying the following setting

jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024

or altogether deleting it in the security/java.security file under your java installation

Sustaining Engineering is working on resigning the jar files and an updated PAM Client will be made available in future releases

Please see

https://www.java.com/en/configure_crypto.html

https://docs.redhat.com/en/documentation/red_hat_build_of_openjdk/17/html/release_notes_for_red_hat_build_of_openjdk_17.0.5/rn_openjdk-1705-features_openjdk#rn_openjdk-1705-features_openjdk