Service Operations Insight

 View Only
Expand all | Collapse all

Important & Urgent: Java Certificate for CA SOI is set to expire on October 16, 2016

  • 1.  Important & Urgent: Java Certificate for CA SOI is set to expire on October 16, 2016

    Broadcom Employee
    Posted Oct 10, 2016 05:37 PM

    Dear CA Customer:

    The purpose of this Advisory is to inform you of a potential problem that has been recently identified with Service Operations Insight. Please read the information provided below and follow the instructions in order to avoid being impacted by this problem.

     

    PRODUCT(S) AFFECTED: Service Operations Insight RELEASE:

    • 4.0 CU1
    • 4.0
    • 3.3 CU2
    • 3.3 CU1
    • 3.3
    • 3.2 CU3

     

    PROBLEM DESCRIPTION:

    The current certificates for the JRE will expire on 10/17/2016.
     
    SYMPTOMS:
    When the user launches the SOI Console, they will get a pop-up message stating “The application will run with unrestricted access which may put your computer and personal information at risk. Run this application only if you trust the locations and publisher above.”
     
    IMPACT:
    Bypassing this warning could cause end-users to violate security standards.
     

    WORKAROUND

    Steps for applying the circumvention:

     

    JAVA 1.7

     

       1. Upon expiration of the JRE certificate, the below error will be encountered while trying to launch the CA SOI Console Client:

     

     

    1. Open the Java Control Panel and set the Java Security Level to Medium or add the CA SOI Console URL to Exception Site List to allow the SOI Console client to launch:

     

       3. The security warning message below will appear. Please click the check box at the bottom of the dialog box and the CA SOI Console Client will launch successfully.


     

    Steps provided by Java:

    https://java.com/en/download/help/appsecuritydialogs.xml

    https://java.com/en/download/faq/exception_sitelist.xml

     

    Java 1.8

    • Delete your Browser Cache
    • Open Java Settings
    • Go to Advanced
    • Select “Certificate Revocation Lists (CRLs)” in section “Check for signed code certificate revocation using”
    • Click OK
    • Launch the console...a “Security Warning” window will appear, please Accept and click the “Run” button.

     

    PROBLEM RESOLUTION:
    CA will be providing patches for the above-referenced releases of Service Operations Insight (4.0.x, 3.3.x) by Friday 10/14/2016. These will be posted at the CA Support Website.

     

    Customers running 3.2 should be advised there is an outstanding End of Service notice for this release beginning November 1st, 2016 (available here). Therefore, CA is recommending 3.2 customers upgrade to the latest version (4.0 CU1) and apply the forthcoming CA SOI 4.0 CU1 patch.

     

    If you have any questions about this Advisory, please contact CA Support.
     
    Thank you,

    CA Support Team



  • 2.  Re: Important & Urgent: Java Certificate for CA SOI is set to expire on October 16, 2016

    Posted Oct 11, 2016 10:51 AM

    This notice states that SOI r4.0 is affected by the java certificate expiration.  However, it doesn't clearly state that r4.0 with CU1 is affected.  Could you please indicate if that is the case?