This section describes known issues and associated solutions related to Application Server and web application security and certificates.
WebServiceSecurity applications cannot run with J2SE 5.0 because:
J2SE 5.0 PKCS11 does not support UNWRAP mode
J2SE 5.0 PKCS11 does not support RSA/ECB/OAEPWithSHA1AndMGF1Padding with PKCS11
The J2SE team has filed “CR 6190389: Add support for the RSA-PKCS1 and RSA-OAEP wrap/unwrap mechanisms” for this bug.
Use J2SE 1.4.2 with any other JCE provider (not the one included by default). Note that hardware accelerator support will not be present in this configuration.
When Load Balancer (Hardware) is configured for SSL termination, the Application Server changes the protocol from https to http during redirection.
Add a software load balancer between the hardware load balancer and the Application Server.