IBM Security Key Lifecycle Manager Version 4.0.0 - Distributed Platforms Fix Pack 3 README

Abstract

Readme documentation for IBM Security Key Lifecycle Manager for Distributed Platforms, Version 4.0.0 Fix Pack 3 (4.0.0.3) including installation-related instructions, prerequisites and corequisites, and a list of fixes.   

Fix pack publish date: 15^th January 2021

Contents
List of fixes and features
Download instructions
Supported platforms
Prerequisites
Known limitations

Installation information
Variable definitions
Installing the IBM Security Key Lifecycle Manager fix pack
Installing fix pack when IBM Security Key Lifecycle Manager Multi-Master environment is set up
Uninstalling the IBM Security Key Lifecycle Manager along with fix pack
Copyright and trademark information

---

List of fixes and features

Features included in Version 4.0.0.3

None

Features included in Version 4.0.0.2

None

Features included in Version 4.0.0.1

New REST API to update multiple client certificates as per WWNN. Support for checking chain of trusted certificates. New unique return code for KMIP requests from untrusted clients. Simplified authentication and authorization step in using the Swagger UI. For more information, see https://www.ibm.com/support/pages/ibm-security-key-lifecycle-manager-version-400-fix-packs

---

APAR fixes included in Version 4.0.0.3

APAR No.	Sev.	Abstract
IJ28186	3	CTGKM3506E CANNOT FIND THE FILE $(SKLM_DATA)/$(SKLM_DATA)/KMIP_SELF_SIGNED_CERT.PEM.
IJ28430	1	UNABLE TO TURN OFF INCREMENTAL BACKUPS IN 4.0.0.2
IJ28461	3	THE 'DAILY REPLICATION TIME' SETTING CANNOT BE SAVED FROM GUI
IJ28676	2	MODIFY OWNER OR PARTNER CERT DOES NOT WORK IN P2P DEVICE GROUP IN SKLM 4002
IJ28624	1	DO NOT PERFORM BACKUP/RESTORE IF TKLM.ENCRYPTION.KEYSIZE ISNT SET
IJ30291	1	SKLMCONFIG.PROPERTIES GETS TRUNCATED WITH REPLICATION ENABLED

APAR fixes included in Version 4.0.0.2

APAR No.	Sev.	Abstract
IJ25479	2	UNABLE TO INSTALL DB2 UNIVERSAL FIX PACK ON SKLM 4.0 INSTALL
IJ25514	2	IBM SECURITY KEY LIFECYCLE MANAGER V4.0 CLIENT CERTIFICATE NAME GETTING CHANGED ON CLONE POST INCREMENTAL REPLICATION
IJ25992	1	SWAGGER DOES NOT HAVE ALL SKLM REST API COMMANDS
IJ26317	2	CROSS MIGRATION FROM 3.0 FP TO 4.0 GIVES SQL PREPARED STATEMEMENT EXCEPTION AND UNIQUE KEY CONSTRAINT EXCEPTION
IJ26100	2	PROBLEMS OCCUR WHEN PERFORMING EKM 2.1 TO SKLM 4.0 MIGRATION

APAR fixes included in Version 4.0.0.1

APAR No.	Sev.	Abstract
IJ23015	3	IBM SECURITY KEY LIFECYCLE MANAGER V4.0 PASSWORD POLICY VIOLATION FUNCTION DOES NOT WORK IN JAPANESE ENVIONMENT

 

---

Download instructions

1. Go to IBM Fix Central home page: http://www.ibm.com/support/fixcentral/
2. In the Product selector field, type IBM Security Key Lifecycle Manager, and select the product name when it appears.
3. From the Installed Version list, select 4.0.
4. From the Platform list, select the appropriate platform, and click Continue.
5. On the Identify Fixes page, ensure that the Browse for Fixes is selected, and click Continue.
6. On the Select Fixes page, select fix pack 4.0.0-ISS-SKLM-FP0003, and click Continue.
   You might be prompted to Sign In.  If you do not have an ID, click the Register now link and follow the registration steps as appropriate.
7. On the Download options page, select a download method (default is Download using Download Director).
8. Select the associated files and README for fix pack: 4.0.0-ISS-SKLM-FP0003 and click Download now.
9. To verify the download, use the following table and compare the checksum.
   

   Platform	File name	Command	Checksum
   AIX	4.0.0-ISS-SKLM-FP0003-AIX.tar.gz	md5sum FileName.tar.gz For example (UNIX/Linux): md5sum 4.0.0-ISS-SKLM-FP0003-zLinux.tar.gz Sample output a433c220fc1dd193d400338d2e189eef 4.0.0-ISS-SKLM-FP0003-zLinux.tar.gz	54aa25a03ecbba2b616e7cc48441dd05
   Linux	4.0.0-ISS-SKLM-FP0003-Linux.tar.gz		e9430109047f1e6ed333e3dd0a74f1e0
   zLinux (System z)	4.0.0-ISS-SKLM-FP0003-zLinux.tar.gz		a433c220fc1dd193d400338d2e189eef
   Linux PPC	4.0.0-ISS-SKLM-FP0003-LinuxPPC.tar.gz		60036a1238bd3a95b93789ca1e455a83
   Windows	4.0.0-ISS-SKLM-FP0003-Windows.zip	certutil -hashfile FileName.zip md5 For example (Windows): certutil -hashfile 4.0.0-ISS-SKLM-FP0003-Windows.zip md5 Sample output MD5 hash of file 4.0.0-ISS-SKLM-FP0003-Windows.zip: 3f1ad5ba2c82e849f9a28a20208b310d CertUtil: -hashfile command completed successfully.	3f1ad5ba2c82e849f9a28a20208b310d

   
   

   ---

   Supported platforms

   See IBM Security Key Lifecycle Manager Support Matrix.

   ---

   Fix pack files per platform

   Product/Component name	Platform	File name
   IBM Security Key Lifecycle Manager version 4.0 Fix Pack - 4.0.0-ISS-SKLM-FP0003	AIX	4.0.0-ISS-SKLM-FP0003-AIX.tar.gz
   IBM Security Key Lifecycle Manager version 4.0 Fix Pack - 4.0.0-ISS-SKLM-FP0003	Linux	4.0.0-ISS-SKLM-FP0003-Linux.tar.gz
   IBM Security Key Lifecycle Manager version 4.0 Fix Pack - 4.0.0-ISS-SKLM-FP0003	zLinux (System z)	4.0.0-ISS-SKLM-FP0003-zLinux.tar.gz
   IBM Security Key Lifecycle Manager version 4.0 Fix Pack - 4.0.0-ISS-SKLM-FP0003	Linux PPC	4.0.0-ISS-SKLM-FP0003-LinuxPPC.tar.gz
   IBM Security Key Lifecycle Manager version 4.0 Fix Pack - 4.0.0-ISS-SKLM-FP0003	Windows	4.0.0-ISS-SKLM-FP0003-Windows.zip

   ---

   Prerequisites

   1. Ensure that IBM Security Key Lifecycle Manager, Version 4.0 GA (4.0.0.0), fix pack 1 (4.0.0.1), or 4.0 fix pack 2 (4.0.0.2) is already installed.
   2. Ensure that /tmp directory does not contain KLMPrev.properties. If present, rename / remove this file before you start applying fix pack.
      Also, ensure that the /tmp directory has all the permissions and does not have noexec set.
   3. Ensure that IBM Security Key Lifecycle Manager is not in use.
   4. Ensure that umask must be set to 0022.
   5. Back up the IBM Security Key Lifecycle Manager server. For instructions, see Configuring backup and restore.
   6. Back up the WebSphere Application Server files. For instructions, see the following table:
       

   S.No.	Instruction	Windows Commands	UNIX/Linux Commands
   1.	Windows - Open a command prompt. Linux / AIX - Open a ksh or bash shell.	Click the Start button, click Run, type cmd, and click the OK button.	If your default shell is not ksh or bash, run "exec ksh" or "exec bash".
   2.	Stop WebSphere Application Server.	WAS_HOME\bin\stopServer.bat server1 -username WAS_ADMIN -password WAS_PASSWORD	WAS_HOME/bin/stopServer.sh server1 -username WAS_ADMIN -password WAS_PASSWORD
   3.	Make a temporary directory.	mkdir WAS_BACKUP_DIRECTORY For example: mkdir C:\wasbackup	mkdir WAS_BACKUP_DIRECTORY For example: mkdir /tmp/wasbackup
   4.	Change directory to the temporary directory.	cd C:\wasbackup	cd /tmp/wasbackup
   5.	Copy or archive the files from the directory where WebSphere Application Server is installed.	xcopy /y /e /d WAS_HOME C:\wasbackup	tar -cvf wasbackup.tar WAS_HOME/*
   6.	Start WebSphere Application Server.	WAS_HOME\bin\startServer.bat server1	WAS_HOME/bin/startServer.sh server1

    

   ---

   Known limitation

   Rollback of installed fix pack is not supported.

   ---

   Installing the fix pack

   Installing a fix pack involves the following steps:

   A. Complete the prerequisites.

   B. Prepare to install the fix pack.

   C. Install the fix pack: 

   • By using the graphical user interface
   • Silently

   D. Complete the post fix-pack installation tasks.

   ---

   Prepare to install the fix pack

   1. Open the command-line interface.
   2. Create a temporary directory to extract the fix pack installer files.
      Windows
      mkdir C:\sklminstall_windowsfp
      UNIX/Linux
      mkdir /sklminstall_linuxfp
      
   3. Change directory to this temporary directory.
      Windows
      cd C:\sklminstall_windowsfp
      UNIX/Linux
      cd /sklminstall_linuxfp
      
   4. Download the fix pack installer files into the directory. See Download Instructions.
      
   5. Extract the downloaded files.
      For example:

      Windows: 4.0.0-ISS-SKLM-FP0003-Windows.zip [Right-click and extract all]
      

      UNIX/Linux: tar -xvf 4.0.0-ISS-SKLM-FP0003-Linux.tar.gz
      

      Note: Use the platform-specific file.

   
   For more information, see https://www.ibm.com/support/pages/ibm-security-key-lifecycle-manager-version-400-fix-packs.

    

   ---

   Installing the fix pack by using the graphical user interface

   S. No.	Instruction	Steps
   1.	Stop WebSphere Application Server, update Java SDK, and then start Installation Manager in GUI mode.	Windows Open a command prompt, and change the directory to the directory where you extracted the installer files. For example: C:\sklminstall_windowsfp Run the following command: updateSKLM.bat IM_INSTALL_LOCATION WAS_HOME WAS_ADMIN WAS_PASSWORD For example: updateSKLM.bat "C:\Program Files\IBM\Installation Manager" "C:\Program Files\IBM\WebSphere\AppServer" wasadmin wasadminpwd UNIX/Linux Open a command prompt, and change the directory to the directory where you extracted the installer files. For example: /sklminstall_linuxfp Run the following commands: chmod +x ./updateSKLM.sh ./updateSKLM.sh IM_INSTALL_LOCATION WAS_HOME WAS_ADMIN WAS_PASSWORD For example: updateSKLM.sh /opt/IBM/InstallationManager /opt/IBM/WebSphere/AppServer wasadmin wasadminpwd
   2.	Select the IBM Security Key Lifecycle Manager, Version 4.0 software package group.	1.     Select the base offering software package group (IBM Security Key Lifecycle Manager, Version 4.0). 2.     Click Next. 3.     In the Update Packages panel, select Version 4.0.0.3, and click Next.
   3.	Provide credentials for WebSphere Application Server admin user (default: wasadmin) SKLM admin user (default: SKLMAdmin) and Db2 user (default: sklmdb40).	In the Update Packages Configuration for IBM Security Key Lifecycle Manager v4.0.0.3 panel: Enter Username and Password for Application Server Administrator. Enter Username and Password for IBM Security Key Lifecycle Manager Application Administrator. Enter Username and Password for IBM DB2 user. Click Validate Credentials. Validation might take few minutes. Wait till the Next button is enabled. Click Next.
   4.	Complete the final step.	In the Update Packages > Summary panel, review the software packages that you want to install, and click Update. After Installation Manager successfully updates the fix pack for the services that you select, a message is displayed.

   
   

   ---

   Installing a fix pack silently

   S. No.	Instruction	Steps
   1.	Launch the Installation Manager utility to encrypt the passwords for users as required.	Open a command prompt. Change the directory to the IM_INSTALL_LOCATION/eclipse/tools directory. Windows Run the following command to generate an encrypted password: imcl.exe encryptString password_to_encrypt UNIX/LINUX Run the following command to generate an encrypted password: ./imcl encryptString password_to_encrypt
   2.	Back up the response file.	Rename the original response file to create a backup of the file:  SKLM_Silent_Update_platform_Resp.xml For example: SKLM_Silent_Update_platform_Resp_original.xml The response file is located in the /sklm directory, which is within the directory where the fix pack is extracted.
   3.	Edit the response file.	Windows Edit the response file SKLM_Silent_Update_platform_Resp.xml. Edit the repository location to point to the current location of the installer. Sample: <repository location='C:\sklminstall_windowsfp\sklm'/> Edit WASAdmin user name and password (Password needs to be encrypted). Sample: <data key='user.WAS_ADMIN_ID,com.ibm.sklm40.win>value='wasadmin'/> <data key='user.WAS_ADMIN_PASSWORD,com.ibm.sklm40.win> value='e9PjN93MeQxwnSs9VXJFMw=='/> Edit SKLMAdmin user name and password (Password need to be encrypted). Sample: <data key='user.SKLM_ADMIN_ID,com.ibm.sklm40.win>value='SKLMAdmin'/> <data key='user.SKLM_ADMIN_PASSWORD,com.ibm.sklm40.win> value='9YTRJMRIydDSdfhaHPs1ag=='/> Edit Db2 user name and password (Password need to be encrypted). Sample: <data key='user.DB2_ADMIN_PWD,com.ibm.sklm40.db2.win.ofng' value='sklmdb40'/> <datadata key='user.CONFIRM_PASSWORD,com.ibm.sklm40.db2.win.ofng' value='QTh/0AiFvrljhs9gnOYkGA=='/> UNIX/Linux Edit the response file: SKLM_Silent_Update_platform_Resp.xml Edit the repository location to point to the current location of the installer. Sample for Linux: <repository location='/sklminstall_linuxfp/sklm'/> Edit WASAdmin user name and password (Password needs to be encrypted). Sample: <data key='user.WAS_ADMIN_ID,com.ibm.sklm40.linux>value='wasadmin'/> <data key='user.WAS_ADMIN_PASSWORD,com.ibm.sklm.Linux> value='e9PjN93MeQxwnSs9VXJFMw=='/> Edit SKLMAdmin user name and password (Password needs to be encrypted). Sample: <data key='user.SKLM_ADMIN_ID,com.ibm.sklm40.linux>value='SKLMAdmin'/> <data key='user.SKLM_ADMIN_PASSWORD,com.ibm.sklm40.linux> value='9YTRJMRIydDSdfhaHPs1ag=='/> Edit the user name and password of the Db2 user (Password need to be encrypted). Sample: <data key='user.DB2_ADMIN_ID,com.ibm.sklm40.db2.lin.ofng' value='sklmdb40'/> <data key='user.DB2_ADMIN_PWD,com.ibm.sklm40.db2.lin.ofng' value='QTh/0AiFvrljhs9gnOYkGA=='/>
   4.	Install the fix pack.	Windows Open a command line interface, and change directory to the directory where the installer files are extracted. For example: C:\sklminstall_windowsfp For example: /sklminstall_linuxfp Run the following command: silent_updateSKLM.bat IM_INSTALL_LOCATION WAS_HOME WAS_ADMIN WAS_PASSWORD For example: silent_updateSKLM.bat "C:\Program Files\IBM\Installation Manager" "C:\Program Files \IBM\WebSphere\AppServer" wasadmin wasadminpwd UNIX/Linux Open a command prompt, and change the directory to the repository directory. For example: /sklminstall_linuxfp   Run the following commands: chmod +x ./silent_updateSKLM.sh ./silent_updateSKLM.sh IM_INSTALL_LOCATION WAS_HOME WAS_ADMIN WAS_PASSWORD For example: ./silent_updateSKLM.sh /opt/IBM/InstallationManager /opt/IBM/WebSphere/AppServer wasadmin wasadminpwd

   
   

   ---

   Post fix-pack installation

   1. Use one of the following methods to verify the installation.

      • Using graphical user interface:
        1. Log in to the graphical user interface.
        2. On the Welcome page header bar, click the Help (?) icon.
        3. Click About.
           The page displays the version details.
      • Using REST interface:
        Run the Version Info REST Service.  For more information, see Swagger UI. 
      • Using command line interface:
        • Windows
          1. Open a command prompt.
          2. Run the command: cd WAS_HOME\bin
          3. Run the command:
             wsadmin -lang jython -username sklmadminUserID -password sklmadminPassword
             For example: wsadmin.bat -lang jython -username sklmadmin -password sklmpassword
              
          4. At the wsadmin> prompt, type: print AdminTask.tklmVersionInfo()
        • UNIX/Linux
          1. Open a shell (ksh or bash).
          2. Run the commands:
             cd WAS_HOME/bin/
             ./wsadmin.sh -lang jython -username sklmadminUserID -password sklmadminPassword
             For example: ./wsadmin.sh -lang jython -username sklmadmin -password sklmpassword
              
          3. At the wsadmin> prompt, type:
             print AdminTask.tklmVersionInfo()
             
             Check the output of the tklmVersionInfo command:

             
             IBM Security Key Lifecycle Manager Version = 4.0.0.3
             IBM Security Key Lifecycle Manager Build Level = 202101080146
             WebSphere Application Server Version = 9.0.5.0
             DB2 Version = 11.1.4.4
             Java Version = JRE 1.8.0_211 IBM J9 VM 2.9
             Operating System Version = Linux:3.10.0-957.21.3.el7.x86_64:amd64
             Agent Version : 1.0
             				
   2.       Back up the IBM Security Key Lifecycle Manager server. For more information, see Configuring backup and restore.

   ---

   
   Installing IBM Security Key Lifecycle Manager with the fix pack when a Multi-Master environment is set up
   
   Prerequisites 
   If the original primary master server is currently acting as a standby master server, promote it to primary and then, install the fix pack. Otherwise the database updates are not applied to the cluster.

   To promote a master server to primary, see Promote to primary. 
   
   To install the fix pack

   1. Stop WebSphere Application Server on all the master servers, in any sequence.
      1. Open a command prompt.
      2. Go to the WAS_HOME\bin directory.
         Windows
         C:\Program Files\IBM\WebSphere\AppServer\bin
         Linux
         /opt/IBM/WebSphere/AppServer/bin
          
      3. Stop the IBM Security Key Lifecycle Manager server.
         Windows
         stopServer.bat server1 -username wasadmin -password mypwd
         Linux
         ./stopServer.sh server1 -username wasadmin -password mypwd
      
      
   2. Stop Agent on all the master servers, in any sequence.
      1. Open a command prompt.
      2. Go to the SKLM_INSTALL_HOME\agent directory.
         Windows
         C:\Program Files\IBM\SKLMV40\agent
         Linux
         /opt/IBM/SKLMV40/agent
      3. Stop the Agent.
         Windows
         stopAgent.bat WAS_HOME
         For example: stopAgent.bat "C:\Program Files\IBM\WebSphere\AppServer"
         Linux
         ./stopAgent.sh WAS_HOME
         For example: ./stopAgent.sh /opt/IBM/WebSphere/AppServer
          
   3. Apply fix pack on each master server and verify the installation. Perform this step in the following sequence: 
      1. Primary master server
      2. Principal standby master server
      3. Auxilliary standby master servers
      4. Non-HADR master servers
         
         For steps to install the fix pack, see Installing the fix pack.
         
      
      To verify the installation: 
      1. Log in to IBM Security Key Lifecycle Manager and check the version number.
      2.  Ensure that the master server is running and available for use.

   ---

   Uninstalling the fix pack

   Important: The following steps uninstall the entire product package, including IBM Security Key Lifecycle Manager, IBM Db2, and WebSphere Application Server, and all your data will be lost. Take a backup before uninstalling.

   Uninstalling IBM Security Key Lifecycle Manager with the fix pack by using the graphical user interface

   S. No.	Instruction	Steps
   1.	Complete the prerequisites	Stop the WebSphere Application Server.
   2.	Uninstall IBM Security Key Lifecycle Manager.	Windows Browse to IM_INSTALL_LOCATION\eclipse and double-click IBMIM to start IBM Installation Manager in GUI mode. In IBM Installation Manager, click Uninstall. The Uninstall Packages window opens. Select the check boxes to uninstall IBM Security Key Lifecycle Manager, Db2, and the WebSphere Application Server. Click Next. Type the WebSphere Application Server Administrator user ID and the password. Click Next. The Summary panel opens. Review the software packages to be uninstalled and their installation directories, and click Uninstall. Verify the uninstallation summary and the log files that are at C:\ProgramData\IBM\InstallationManager\logs\sklmLogs\ . After you uninstall IBM Security Key Lifecycle Manager, delete the WebSphere and Db2 install directories, if not already removed. In case of default installation, these directories are C:\Program Files\IBM\WebSphere and C:\Program Files\DB2SKLMV40. Unix/Linux Browse to IM_INSTALL_LOCATION/eclipse and run IBMIM. In IBM Installation Manager, click Uninstall. The Uninstall Packages window opens. Select the check boxes to uninstall IBM Security Key Lifecycle Manager, DB2, and the WebSphere Application Server. Click Next. Type the WebSphere Application Server Administrator user ID and the password. Click Next. The summary panel opens. Review the software packages to be uninstalled and their installation directories. Click Uninstall. Verify the uninstallation summary and the log files that are at /var/ibm/InstallationManager/logs/native/ . After you uninstall IBM Security Key Lifecycle Manager, delete the /opt/IBM/WebSphere and /opt/DB2SKLMV40 directories if not already removed.

   
   

   ---

   Uninstalling IBM Security Key Lifecycle Manager with the fix pack silently

   S. No.	Instruction	Steps
   1.	Edit the silent response file.	1.      Go to the directory that contains the installer files. For example: Windows: C:\sklminstall_windowsfp Linux: /sklminstall_linuxfp 2.     Back up the original response file SKLM_Uninstall_platform_Resp.xml by renaming it to SKLM_Uninstall_platform_Resp_original.xml. 3.     Edit the silent response file SKLM_Uninstall_platform_Resp.xml. Edit WASAdmin user name and password (password needs to be encrypted). Windows  Sample: <data key='user.WAS_ADMIN_ID,com.ibm.sklm40.win' value='wasadmin'/> <data key='user.WAS_ADMIN_PASSWORD,com.ibm.sklm40.win' value='e9PjN93MeQxwnSs9VXJFMw==> UNIX/Linux Sample: <data key='user.WAS_ADMIN_ID,com.ibm.sklm40.linux' value='wasadmin'/> <data key='user.WAS_ADMIN_PASSWORD,com.ibm.sklm40.linux' value='e9PjN93MeQxwnSs9VXJFMw=='/>
   2.	Uninstall IBM Security Key Lifecycle Manager.	Windows Open a command prompt. Change the directory to IM_INSTALL_LOCATION\eclipse\tools directory. Run the following command: imcl.exe -input PATH_TO_UNINSTALL_RESPONSE_FILE -silent For example: imcl.exe -input "C:\sklminstall_windowsfp\SKLM_Uninstall_Win_Resp.xml" -silent Verify the uninstallation summary and the log files that are at C:\ProgramData\IBM\InstallationManager\logs\sklmLogs\ . After you uninstall IBM Security Key Lifecycle Manager, delete the WebSphere and Db2 install directories, if not already removed. In case of default installation, these directories are C:\Program Files\IBM\WebSphere and C:\Program Files\DB2SKLMV40. UNIX/Linux Open a command prompt. Change the directory to IM_INSTALL_LOCATION\eclipse\tools directory. Run the following command: ./imcl -input PATH_TO_UNINSTALL_RESPONSE_FILE -silent For example: ./imcl -input /sklminstall_linuxfp/SKLM_Uninstall_Linux_Resp.xml -silent Verify the uninstallation summary and the log files that are at /var/ibm/InstallationManager/logs/native/ . After you uninstall IBM Security Key Lifecycle Manager, delete the /opt/IBM/WebSphere and /opt/DB2SKLMV40 directories if not already removed.

   Where:

   PATH_TO_UNINSTALL_RESPONSE_FILE refers to the uninstallation response file provided or bundled with the fix pack installer.

   platform refers to the operating system where the fix pack is being installed / uninstalled. For example: SKLM_Uninstall_platform_Resp.xml on Linux will be SKLM_Uninstall_Linux_Resp.xml

   ---

   Copyright and trademark information
   
   http://www.ibm.com/legal/copytrade.shtml

   Notices
   
   INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you.
   
   This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice.

   Linux is a registered trademark of Linus Torvalds in the United States, other countries, or both.

   Microsoft and Windows are trademarks of Microsoft Corporation in the United States, other countries, or both.
   
   Other company, product, or service names may be trademarks or service marks of others.
   
   THIRD-PARTY LICENSE TERMS AND CONDITIONS, NOTICES AND INFORMATION
   
   The license agreement for this product refers you to this file for details concerning terms and conditions applicable to third party software code included in this product, and for certain notices and other information IBM must provide to you under its license to certain software code. The relevant terms and conditions, notices and other information are provided or referenced below. Please note that any non-English version of the licenses below is unofficial and is provided to you for your convenience only. The English version of the licenses below, provided as part of the English version of this file, is the official version.
   
   Notwithstanding the terms and conditions of any other agreement you may have with IBM or any of its related or affiliated entities (collectively "IBM"), the third party software code identified below are "Excluded Components" and are subject to the following terms and conditions:

   • the Excluded Components are provided on an "AS IS" basis

   • IBM DISCLAIMS ANY AND ALL EXPRESS AND IMPLIED WARRANTIES AND CONDITIONS WITH RESPECT TO THE EXCLUDED COMPONENTS, INCLUDING, BUT NOT LIMITED TO, THE WARRANTY OF NON-INFRINGEMENT OR INTERFERENCE AND THE IMPLIED WARRANTIES AND CONDITIONS OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE

   • IBM will not be liable to you or indemnify you for any claims related to the Excluded Components

   • IBM will not be liable for any direct, indirect, incidental, special, exemplary, punitive or consequential damages with respect to the Excluded Components.

   End of Document