Known side effects in WebSphere Application Server V8.5.5 Fix Pack 7

Before upgrading to WAS v8.5.5 Fixpack 7, make sure that you are referring to Known side effects section list in the Support Portal link.

Following information as gathered from IBM Support Portal Link.

• com.ibm.ws.webcontainer.disallowserveserveletsbyclassname has changed the default value from false to true due to security considerations. See Security Bulletin for more details.

• The java.security file needs to be manually updated to add:
  jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize <768.

  Adding this line to the java.security file will disable features exploited by Poodle, RC4 (Bar Mitzvah), and logjam vulnerabilities.

• SSLv3 will be disabled by default. See Security Bulletin for Vulnerability in SSLv3 affects IBM WebSphere Application Server (CVE-2014-3566)

• Recompilation needed for SIP application migrated from WebSphere 7.0 or below to WebSphere 7 With CEA feature pack or WebSphere 8.0 and above. See Technote for more details.

• WebSphere Application Server 8.5.5 may not start when using Java 7 after upgrading to fix pack 2 or later. See Technote for more details.

Out of the above 5 points, i faced issue mentioned in the last point, where WAS v8.5.5 may not start when using Java 7, where they mentioned the resolution in the technote.