It's all about the answers!

Ask a question

RTC WI Screenshot Tool fails to run with an Error : "certificate has been revoked. the tool will not run"


Mallikarjuna Kandala (106314) | asked Dec 13 '16, 10:33 a.m.
edited Dec 13 '16, 10:34 a.m.
We are using RTC 6.0.1 on RHEL with Liberty as app server. While using RTC WI Screenshot Tool, it fails to run with an Error : "certificate has been revoked. the tool will not run".

Here is the error info :

java.security.cert.CertificateRevokedException: Certificate has been revoked, reason: AFFILIATION_CHANGED, revocation date: Fri Jun 06 05:30:00 IST 2014, authority: CN=VeriSign Class 3 Code Signing 2010 CA, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US, extension OIDs: []
    at com.sun.deploy.security.RevocationChecker.checkOCSP(Unknown Source)
    at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
    at com.sun.deploy.security.TrustDecider.checkRevocationStatus(Unknown Source)
    at com.sun.deploy.security.TrustDecider.getValidationState(Unknown Source)
    at com.sun.deploy.security.TrustDecider.validateChain(Unknown Source)
    at com.sun.deploy.security.TrustDecider.isAllPermissionGrantedInt(Unknown Source)
    at com.sun.deploy.security.TrustDecider.isAllPermissionGranted(Unknown Source)
    at com.sun.javaws.security.AppPolicy.grantUnrestrictedAccess(Unknown Source)
    at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResourcesHelper(Unknown Source)
    at com.sun.javaws.security.JNLPSignedResourcesHelper.checkSignedResources(Unknown Source)
    at com.sun.javaws.Launcher.prepareResources(Unknown Source)
    at com.sun.javaws.Launcher.prepareAllResources(Unknown Source)
    at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
    at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
    at com.sun.javaws.Launcher.launch(Unknown Source)
    at com.sun.javaws.Main.launchApp(Unknown Source)
    at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
    at com.sun.javaws.Main.access$000(Unknown Source)
    at com.sun.javaws.Main$1.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:798)

3 answers



permanent link
Matthew Clark (80418) | answered Dec 13 '16, 12:12 p.m.
edited Dec 13 '16, 12:16 p.m.
Try this as a workaround...this will not fix your error. IBM will need to implement a patch in order to fix your error. We ran into a similar issue using Rational Asset Manager. This will work as a workaround.

Launch Control Panel, Go into Java control panel, click the advanced tab, under the section "Perform signed code certificate revocation checks on", select Do not check.

edit: I see you're using RHEL. This was a work around for windows. I am not sure how to access Java control panel settings settings in RHEL. I would absolutely open a ticket with IBM support. Odd are, they are aware of this issue, but they should be able to provide you info on when this will be fixed, or if an existing fix has already addressed the issue.

Comments
Mallikarjuna Kandala commented Dec 15 '16, 8:28 a.m.

Hi Matthew,

I tried this workaround but for some reason it is not working for me. I use firefox on RHEL.

Thank you for taking time to help us!


permanent link
Dinesh Kumar (4.0k413) | answered Dec 14 '16, 3:06 a.m.
JAZZ DEVELOPER

The update site with the renewed certificate is being worked upon and should be available within a day or so... here is more details about the certificate revocation and the renewal :

http://www-01.ibm.com/support/docview.wss?uid=swg21994660

hope this helps

Comments
Mallikarjuna Kandala commented Dec 14 '16, 3:26 a.m.

Hi Dinesh,

Thanks for the information. I don't see a link to the fix which is applicable for 6.0.1. Will the fix be available for version 6.0.1 as well as we dont have any plans to upgrade 6.0.2 and planning to upgrade to 6.0.3 in March 2017.

Thanks.


permanent link
Homer Pope (15811921) | answered Dec 20 '16, 1:14 p.m.
 Where is the 6.0.1 version?  We are on Ifix008, why was this purposely left out?

Your answer


Register or to post your answer.