How to resolve HTTP500/GSK406 SSL errors between IHS and Websphere Application Server on the IBM i

​Websphere Fixpacks: iFixes: J9 Java: the latest J9 Java and Websphere Application Server v8.5.5 or v9.0.5 fixpack update, you receive HTTP500 error on the web page and gsk 406 error in the plugin.log file.IHS plugin log location: ${CONFIG_ROOT}/logs/<lpar_IHSinstance>/plugin.logERROR: lib_security: logSSLError: str_security (gsk error 406): Error occurred in TLS processing, check the errno value.ERROR: lib_security: initializeSecurity: Failed to initialize GSK environment. Secure transports are not possible.To validate CMS version the plugin-key.kdb, we want to view the object in hex (F10). Review the 3rd byte value on the second line. This value identifies what CMS version that the key database file version has. If you see 06, in return means CMSV6 or 03 would mean CMSV3 and so on.WRKLNK ‘${CONFIG_ROOT}/cells/<lpar_APPServer>/nodes/<lpar_APPServer/servers/<IHS_Instance>/plugin-key.kdb’NOTE: We want to ensure that the CMS keystore is CMS version 4 or below. The IBM i System TLS APIs (that initialize the gskit secure environment) can only handle CMSv4 keystores. Read More 

Verified by MonsterInsights