开发者

SunTlsRsaPremasterSecret KeyGenerator not available

I encountered an error when my application tries to load a RSA Algorithm provider class from JAVA. The exception stack is as follow:

javax.jms.JMSException: RSA premaster secret error
at org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:49)
at org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1255)
at org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1350)
at org.apache.activemq.ActiveMQConnection.setClientID(ActiveMQConnection.java:388)
at com.trendmicro.tmsm.TMSMAgent.open(TMSMAgent.java:63)

Caused by: javax.net.ssl.SSLKeyException: RSA premaster secret error
at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:97)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:634)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at org.apache.activemq.transport.tcp.TcpBufferedOutputStream.flush(TcpBufferedOutputStream.java:115)
at java.io.DataOutputStream.flush(DataOutputStream.java:106)
at org.apache.activemq.transport.tcp.TcpTransport.oneway(TcpTransport.java:167)
at org.apache.act开发者_如何学运维ivemq.transport.InactivityMonitor.oneway(InactivityMonitor.java:237)
at org.apache.activemq.transport.WireFormatNegotiator.sendWireFormat(WireFormatNegotiator.java:168)
at org.apache.activemq.transport.WireFormatNegotiator.sendWireFormat(WireFormatNegotiator.java:84)
at org.apache.activemq.transport.WireFormatNegotiator.start(WireFormatNegotiator.java:74)
at org.apache.activemq.transport.failover.FailoverTransport.doReconnect(FailoverTransport.java:715)
at org.apache.activemq.transport.failover.FailoverTransport$2.iterate(FailoverTransport.java:115)
at org.apache.activemq.thread.PooledTaskRunner.runTask(PooledTaskRunner.java:122)
at org.apache.activemq.thread.PooledTaskRunner$1.run(PooledTaskRunner.java:43)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:637)

Caused by: java.security.NoSuchAlgorithmException: SunTlsRsaPremasterSecret KeyGenerator not available
at javax.crypto.KeyGenerator.<init>(DashoA13*..)
at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(JsseJce.java:223)
at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:89)
... 22 more

I've googled the error message and most of posts says it's because JVM cannot find sunjce_provider.jar. However, I can find the file in /Library/Java/Home/lib/ext folder.

The platform is Mac OS X 10.6 and Java version is 1.6.0_17.

My questions are:

  1. Why JVM does not search /Library/Java/Home/lib/ext for jar files?
  2. Can we change CLASSPATH or java.ext.dirs property by modify any config file?
  3. Any suggestion to solve this problem?

Thanks in advance.


I've had the same problem after upgrading to new Java version on Mac. My (maven) project ran OK from command line but got the "SunTlsRsaPremasterSecret" error in Eclipse.

The solution was to remove Installed JREs in Eclipse configuration and add them again (using the "Search..." button).


had a similar issue. Adding the classpath to the ext directory fixed it for me. This fix worked for me on windows 7 with java 1.6

java -Djava.ext.dirs=lib -classpath "%java_home%\lib\ext\*" myapp.jar 


I think we find the root cause so here is an answer of my own question.

  1. the Java system property "java.ext.dirs" in Mac OS X 10.5 is: /Library/Java/Extensions:/System/Library/Java/Extensions:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext. The sunjce_provider.jar should be in /System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext but also be found in /Library/Java/Extensions/ in the problem mac.

  2. the sunjce_provider.jar in /Library/Java/Extensions/ belongs to Java Cryptography Extension(JCE) 1.2.2, which has been installed in the mac. JCE 1.2.2 is an optional package of J2SE 1.3.1 and may not includes enough libraries for J2SE 1.4 and later.

  3. the Java applcation works normally after all JCE 1.2.2 related jar files have been removed from /Library/Java/Extensions/.


It happened to me while launching the tomcat server from eclipse. I solved it by changing the configuration in Windows -> Preferences -> Java -> Installed JREs -> Edit. I had to update all the JRE system libraries with the corresponding jars from the folders in:

  • %JAVA_HOME%/jre/lib/ext
  • %JAVA_HOME%/jre/lib/

It seems that after the last update I have changed the JRE_Home but forgot those libraries.

SunTlsRsaPremasterSecret KeyGenerator not available


I also had this issue, noticed that the problem was in my Eclipse configuration.

Window > Preferences > Java > Installed JREs > jdk8_64bit > Edit...

The path of my sunjce_provider.jar was pointing to jdk8_64bit\lib\ext\sunjce.provider.jar. It should point to the JRE's equivalent in jdk8_64bit\jre\lib\ext\sunjce.provider.jar.


Had to spend almost a day on this while trying to use JavaMail in Eclipse Luna. Tried all approaches suggested in various forums, but no luck.

Digged into the complete flow and found the exception arising due to Class is on BootClassPath

from KeyAgreement.getInstance()->JceSecurity.canUseProvider()->JceSecurity.getVerificationResult()->JarVerifier.verify()

void verify() throws JarException, IOException { if (jarURL == null) { throw new JarException("Class is on the bootclasspath"); }.......

I removed sunjce_provider jar from \ext\ folder and can send mail now. This might not be right but atleast a quick workaround.

Refer Eclipse bug.


I know, I am joining late here. But for me, this error came suddenly as soon as I changed the Preference -> Java -> Installed JREs -> Execution Environments as JavaSE-1.8 to jdk1.8 path. But it should be jre1.8 path.

I don't know why is it happening now. But It sorted the problem.


Probable solution: Check if jdk path is set till C:\Program Files\Java\jdk1.8.0_171 but not including bin


In my case, I got above same issue, after reading above solutions, I changed JRE Definition and Restore Default. It is working fine now.

SunTlsRsaPremasterSecret KeyGenerator not available

0

上一篇:

下一篇:

精彩评论

暂无评论...
验证码 换一张
取 消

最新问答

问答排行榜