Sunday, March 15, 2009

Disable auto-generation of LTPA Keys

In a sso-enviroment this option could be a source of problems.
Websphere is configured by default to automatically generate new LTPA Keys every 12 weeks.
This caused some problems in our sso-enviroment.
Here is an link to this issue:
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/tsec_ssldisableltpakeygen.html

here another one (PPT):
http://www-1.ibm.com/support/docview.wss?uid=swg27011781&aid=1

Hint:
backup your config-directory.
LTPA-Keys are stored in this file
/"websphere"/"dmgr"/config/cells/"cellname"/ltpa.jceks