Running a simple java program which fetches the credentials for an alias using the method a java method. The return status is "400" (OK) and the corresponding method returns the username for the alias.
However, the method to return the password returns "null" instead of the password.
CA PAM all versions up to 4.2.1 at least
Oracle java version 17.X
This is caused by the jar files for the PAM A2A clients being signed with a SHA1 algorithm
By default, later versions of java will consider jar signed with insecure versions of the algorithms as unsigned, causing this type of issue
It is possible to allow for jar files signed with weaker algorithms by modifying the following setting
jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
or altogether deleting it in the security/java.security file under your java installation
Sustaining Engineering is working on resigning the jar files and an updated PAM Client will be made available in future releases