Uploaded image for project: 'James Server'
  1. James Server
  2. JAMES-782

Add docs howto use SSL with JAVA6 [ was: SSL support not work with JAVA6]

    XMLWordPrintableJSON

Details

    • Task
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • 2.2.0, 2.3.0, 2.3.1, 2.3.2, 3.0.0, Trunk
    • None
    • None
    • None

    Description

      From ML:

      Hi all,

      I'm running a build of svn trunk on java6 and I'm experiencing some
      security related errors.

      My colleague running james 2.2 on java 6 is also experiencing security
      related issues with the same Exceptions.

      in the pop3serevr log I get:

      18/12/06 10:27:14 ERROR pop3server-tls: Exception handling socket to
      58-186-74-xxx-dynamic.hcm.fpt.vn. (58.186.74.5) : Connection has been
      shutdown: javax.net.ssl.SSLExcepti
      on: java.lang.RuntimeException: Could not generate dummy secret
      javax.net.ssl.SSLException: Connection has been shutdown:
      javax.net.ssl.SSLException: java.lang.RuntimeException: Could not
      generate dummy secret
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1172)
      at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65)
      at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
      at java.io.BufferedInputStream.read(BufferedInputStream.java:237)
      at org.apache.james.util.CRLFTerminatedReader.read(CRLFTerminatedReader.java:158)
      at org.apache.james.util.CRLFTerminatedReader.readLine(CRLFTerminatedReader.java:115)
      at org.apache.james.pop3server.POP3Handler.readCommandLine(POP3Handler.java:316)
      at org.apache.james.pop3server.POP3Handler.handleProtocol(POP3Handler.java:211)
      at org.apache.james.core.AbstractJamesHandler.handleConnection(AbstractJamesHandler.java:259)
      at org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:468)
      at org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55)
      at org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116)
      Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException:
      Could not generate dummy secret
      at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1487)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1470)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1396)
      at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
      at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
      at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
      at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
      at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
      at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
      at java.io.BufferedWriter.flush(BufferedWriter.java:236)
      at java.io.PrintWriter.flush(PrintWriter.java:276)
      at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:94)
      at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:191)
      at org.apache.james.core.AbstractJamesHandler.writeLoggedFlushedResponse(AbstractJamesHandler.java:399)
      at org.apache.james.pop3server.POP3Handler.handleProtocol(POP3Handler.java:188)
      ... 4 more
      Caused by: java.lang.RuntimeException: Could not generate dummy secret
      at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.generateDummySecret(RSAClientKeyExchange.java:158)
      at com.sun.net.ssl.internal.ssl.Handshaker.calculateMasterSecret(Handshaker.java:680)
      at com.sun.net.ssl.internal.ssl.Handshaker.calculateKeys(Handshaker.java:631)
      at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:204)
      at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511)
      at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1029)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:621)
      at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
      ... 15 more
      Caused by: java.security.NoSuchAlgorithmException:
      SunTlsRsaPremasterSecret KeyGenerator not available
      at javax.crypto.KeyGenerator.<init>(DashoA13*..)
      at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
      at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(JsseJce.java:223)
      at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.generateDummySecret(RSAClientKeyExchange.java:152)
      ... 24 more

      and in the smtpserver log i get
      18/12/06 11:20:04 ERROR smtpserver-tls: Exception handling socket to
      58-186-74-xxx-dynamic.hcm.fpt.vn. (58.186.74.5) : Connection has been
      shutdown: javax.net.ssl.SSLExcepti
      on: java.lang.RuntimeException: Could not generate secret
      javax.net.ssl.SSLException: Connection has been shutdown:
      javax.net.ssl.SSLException: java.lang.RuntimeException: Could not
      generate secret
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1172)
      at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65)
      at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
      at java.io.BufferedInputStream.read(BufferedInputStream.java:237)
      at org.apache.james.util.CRLFTerminatedReader.read(CRLFTerminatedReader.java:158)
      at org.apache.james.util.CRLFTerminatedReader.readLine(CRLFTerminatedReader.java:115)
      at org.apache.james.smtpserver.SMTPHandler.readCommandLine(SMTPHandler.java:503)
      at org.apache.james.smtpserver.SMTPHandler.handleProtocol(SMTPHandler.java:254)
      at org.apache.james.core.AbstractJamesHandler.handleConnection(AbstractJamesHandler.java:259)
      at org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:468)
      at org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55)
      at org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116)
      Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException:
      Could not generate secret
      at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1487)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1470)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1396)
      at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
      at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
      at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
      at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
      at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
      at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
      at java.io.BufferedWriter.flush(BufferedWriter.java:236)
      at java.io.PrintWriter.flush(PrintWriter.java:276)
      at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:94)
      at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:191)
      at org.apache.james.core.AbstractJamesHandler.writeLoggedFlushedResponse(AbstractJamesHandler.java:399)
      at org.apache.james.smtpserver.SMTPHandler.handleProtocol(SMTPHandler.java:207)
      ... 4 more
      Caused by: java.lang.RuntimeException: Could not generate secret
      at com.sun.net.ssl.internal.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:168)
      at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientKeyExchange(ServerHandshaker.java:981)
      at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:184)
      at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511)
      at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1029)
      at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:621)
      at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
      ... 15 more
      Caused by: java.security.NoSuchAlgorithmException: Unsupported secret
      key algorithm: TlsPremasterSecret
      at com.sun.crypto.provider.DHKeyAgreement.engineGenerateSecret(DashoA6275)
      at javax.crypto.KeyAgreement.generateSecret(DashoA13*..)
      at com.sun.net.ssl.internal.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:166)
      ... 23 more

      This looks like it could be a problem associated with a move from
      java5 to java6, but I'm not sure how to fix it.

      Any help from you guys would be appreciated.

      Thanks,
      Kev

      Attachments

        Activity

          People

            Unassigned Unassigned
            norman Norman Maurer
            Votes:
            2 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: