You are viewing a plain text version of this content. The canonical link for it is here.
Posted to server-dev@james.apache.org by "Stefano Bagnara (JIRA)" <se...@james.apache.org> on 2007/07/18 23:33:05 UTC
[jira] Commented: (JAMES-782) Add docs howto use SSL with JAVA6 [
was: SSL support not work with JAVA6]
[ https://issues.apache.org/jira/browse/JAMES-782?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12513725 ]
Stefano Bagnara commented on JAMES-782:
---------------------------------------
Well, in fact I read it in the docs :-)
Directly from our config.xml:
<!-- In order to use the ssl factory under Java 1.5 and support all Clients -->
<!-- (particularly Mozilla Thunderbird) you need to install the Sun JCE -->
<!-- provider in your environment (james/lib) -->
<!-- e.g: jre/lib/ext/sunjce_provider.jar -->
Maybe this should be extended to Java 6 and added also to FAQ, if you want.
> Add docs howto use SSL with JAVA6 [ was: SSL support not work with JAVA6]
> -------------------------------------------------------------------------
>
> Key: JAMES-782
> URL: https://issues.apache.org/jira/browse/JAMES-782
> Project: James
> Issue Type: Task
> Affects Versions: 2.2.0, 2.3.0, 2.3.1, Next Minor, Next Major, Trunk
> Reporter: Norman Maurer
>
> From ML:
> Hi all,
> I'm running a build of svn trunk on java6 and I'm experiencing some
> security related errors.
> My colleague running james 2.2 on java 6 is also experiencing security
> related issues with the same Exceptions.
> in the pop3serevr log I get:
> 18/12/06 10:27:14 ERROR pop3server-tls: Exception handling socket to
> 58-186-74-xxx-dynamic.hcm.fpt.vn. (58.186.74.5) : Connection has been
> shutdown: javax.net.ssl.SSLExcepti
> on: java.lang.RuntimeException: Could not generate dummy secret
> javax.net.ssl.SSLException: Connection has been shutdown:
> javax.net.ssl.SSLException: java.lang.RuntimeException: Could not
> generate dummy secret
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1172)
> at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:237)
> at org.apache.james.util.CRLFTerminatedReader.read(CRLFTerminatedReader.java:158)
> at org.apache.james.util.CRLFTerminatedReader.readLine(CRLFTerminatedReader.java:115)
> at org.apache.james.pop3server.POP3Handler.readCommandLine(POP3Handler.java:316)
> at org.apache.james.pop3server.POP3Handler.handleProtocol(POP3Handler.java:211)
> at org.apache.james.core.AbstractJamesHandler.handleConnection(AbstractJamesHandler.java:259)
> at org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:468)
> at org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55)
> at org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116)
> Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException:
> Could not generate dummy secret
> at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1487)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1470)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1396)
> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
> at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
> at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
> at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
> at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
> at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
> at java.io.BufferedWriter.flush(BufferedWriter.java:236)
> at java.io.PrintWriter.flush(PrintWriter.java:276)
> at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:94)
> at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:191)
> at org.apache.james.core.AbstractJamesHandler.writeLoggedFlushedResponse(AbstractJamesHandler.java:399)
> at org.apache.james.pop3server.POP3Handler.handleProtocol(POP3Handler.java:188)
> ... 4 more
> Caused by: java.lang.RuntimeException: Could not generate dummy secret
> at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.generateDummySecret(RSAClientKeyExchange.java:158)
> at com.sun.net.ssl.internal.ssl.Handshaker.calculateMasterSecret(Handshaker.java:680)
> at com.sun.net.ssl.internal.ssl.Handshaker.calculateKeys(Handshaker.java:631)
> at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:204)
> at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511)
> at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1029)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:621)
> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
> ... 15 more
> Caused by: java.security.NoSuchAlgorithmException:
> SunTlsRsaPremasterSecret KeyGenerator not available
> at javax.crypto.KeyGenerator.<init>(DashoA13*..)
> at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
> at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(JsseJce.java:223)
> at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.generateDummySecret(RSAClientKeyExchange.java:152)
> ... 24 more
> and in the smtpserver log i get
> 18/12/06 11:20:04 ERROR smtpserver-tls: Exception handling socket to
> 58-186-74-xxx-dynamic.hcm.fpt.vn. (58.186.74.5) : Connection has been
> shutdown: javax.net.ssl.SSLExcepti
> on: java.lang.RuntimeException: Could not generate secret
> javax.net.ssl.SSLException: Connection has been shutdown:
> javax.net.ssl.SSLException: java.lang.RuntimeException: Could not
> generate secret
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1172)
> at com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65)
> at java.io.BufferedInputStream.fill(BufferedInputStream.java:218)
> at java.io.BufferedInputStream.read(BufferedInputStream.java:237)
> at org.apache.james.util.CRLFTerminatedReader.read(CRLFTerminatedReader.java:158)
> at org.apache.james.util.CRLFTerminatedReader.readLine(CRLFTerminatedReader.java:115)
> at org.apache.james.smtpserver.SMTPHandler.readCommandLine(SMTPHandler.java:503)
> at org.apache.james.smtpserver.SMTPHandler.handleProtocol(SMTPHandler.java:254)
> at org.apache.james.core.AbstractJamesHandler.handleConnection(AbstractJamesHandler.java:259)
> at org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:468)
> at org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55)
> at org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116)
> Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException:
> Could not generate secret
> at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1487)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1470)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1396)
> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64)
> at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
> at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
> at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
> at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
> at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
> at java.io.BufferedWriter.flush(BufferedWriter.java:236)
> at java.io.PrintWriter.flush(PrintWriter.java:276)
> at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:94)
> at org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:191)
> at org.apache.james.core.AbstractJamesHandler.writeLoggedFlushedResponse(AbstractJamesHandler.java:399)
> at org.apache.james.smtpserver.SMTPHandler.handleProtocol(SMTPHandler.java:207)
> ... 4 more
> Caused by: java.lang.RuntimeException: Could not generate secret
> at com.sun.net.ssl.internal.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:168)
> at com.sun.net.ssl.internal.ssl.ServerHandshaker.clientKeyExchange(ServerHandshaker.java:981)
> at com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:184)
> at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511)
> at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1029)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:621)
> at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
> ... 15 more
> Caused by: java.security.NoSuchAlgorithmException: Unsupported secret
> key algorithm: TlsPremasterSecret
> at com.sun.crypto.provider.DHKeyAgreement.engineGenerateSecret(DashoA6275)
> at javax.crypto.KeyAgreement.generateSecret(DashoA13*..)
> at com.sun.net.ssl.internal.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:166)
> ... 23 more
> This looks like it could be a problem associated with a move from
> java5 to java6, but I'm not sure how to fix it.
> Any help from you guys would be appreciated.
> Thanks,
> Kev
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: server-dev-unsubscribe@james.apache.org
For additional commands, e-mail: server-dev-help@james.apache.org