WebSphere Plugin Key & Password Expiration 4/26

Accelerated Value Announcement:  WAS Alert affecting ICS Products !

WebSphere Plugin Key & Password Expiration 4/26

Overview:    WAS Support posted two Flash Alerts to customers about Expirations on 4/26.  These expirations could have significant impact to production environments if not addressed. The following alert applies to all products that are built on top of WebSphere Application Server, for example: Portal, Sametime, Connections, and Quickr J.

ACTION:  Make sure that your customers are aware of these items and the April 26th date .

1)The password to the Plugin-key.kdb file  that is shipped with the WebSphere Plugin install will expire on April 26, 2012:
 
Please refer to the following link for additional details.  

http://www-01.ibm.com/support/docview.wss?uid=swg21588312

The impact  of the "password expiration issue in the above flash" is that the https transport between the WebSphere plugin and back-end AppServers will stop working, if not resolved.  It means that the Plugin-key.kdb (and the personal & signer certificates in it) will not be loaded during the plugin initialization and the https transport will not be used.

2) The personal certificate  called "WebSphere Plugin Key" within the plugin-key.kdb that is shipped with the WebSphere Plugin install will expire on April 26, 2012:

Please refer to the following link for additional details.  

http://www-01.ibm.com/support/docview.wss?uid=swg21577327

This will affect those WebSphere AppServers that are configured to require SSL client authentication (SSL mutual authentication) and that are using the default WebSphere plug-in key.  Most of our customers did not configure WebSphere AppServers to use SSL mutual authentication between the plug-in and WebSphere AppServers.