2017 Expiring Java certificates

book

Article ID: 88115

calendar_today

Updated On:

Products

CA Automic Applications Manager (AM)

Issue/Introduction

Error Message :
N/A

In June 2017 Applications Manager's Java Client certificate has expired. If using a release of Java 7 update 51 or later, Java will not allow Applications Manager to launch with an expired certificate. Applications Manager 8.0.17 HF1, 9.0.1 HF, 9.1.3, and 9.2.0 will all contain the updated Java Certificate. Additional information on which versions are affected can be found at our community post here.

Investigation
Expired certificates will run into the error "Application Blocked by Java Security" when launching the Java Web Client.

<Please see attached file for image>

0EMb0000001UkMt.png




 

 

Cause

Cause type:
By design
Root Cause: Java's client certifications last two years.

Environment

OS Version: N/A

Resolution

Update to a fix version listed below or a newer version if available.

Applications Manager 8.0.17 HF1, 9.0.1 HF, 9.1.3, and 9.2.0 will all contain the updated Java Certificates. 
 
This new certificate will expire in 2019. Applications Manager (AM) v8 will be out of maintenance and support before then on 2018-03-31. There will not be a new Java certificate update after this date for AM v8.


Fix Status: Released

Fix Version(s):
Applications Manager 9.2.0 - Available
Applications Manager 9.1.3 - Available
Applications Manager 9.0.1 HF1 - Available
Applications Manager 8.0.17 HF1 - Available

Additional Information

Workaround :
Add the Java Web Client's Apache URL to Java's exception site list by opening Java control panel's security tab.

<Please see attached file for image>

0EMb0000001UkMy.png

Edit Site List, choose Add and enter in the Java Web Client's Apache URL. The Apache URL for the Java Web Client is URL to Launch the Web Client but excluding all characters after the Apache Port. In this example, the client URL is "http://172.16.148.162:80/PHMAM8/Intro.html", so the Apache URL is "http://172.16.148.162:80". Select Continue to accept the risk.

<Please see attached file for image>

0EMb0000001UkN3.png

Confirm that the URL is listed in the Exception Site List as seen below.

<Please see attached file for image>

0EMb0000001UkN8.png

Select Apply/OK.
 

Attachments

1558692654751000088115_sktwi1f5rjvs16lsj.png get_app
1558692652991000088115_sktwi1f5rjvs16lsi.png get_app
1558692651197000088115_sktwi1f5rjvs16lsh.png get_app
1558692648469000088115_sktwi1f5rjvs16lsg.png get_app