You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@struts.apache.org by Michael McGrady <mi...@michaelmcgrady.com> on 2004/03/27 05:14:45 UTC
Tomcat -- JSP -- KeyPairGenerator -- Security Exception
When I am using Tomcat I get a security exception when I try to access a
java.security.KeyPairGenerator for a Diffie-Hellman key pair. I don't get
it with other servers. Anyone know why this is?
java.security.NoSuchAlgorithmException: DH KeyPairGenerator not available
java.security.Security.getEngineClassName(Security.java:583)
java.security.Security.getEngineClassName(Security.java:594)
java.security.Security.getImpl(Security.java:1043)
java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:204)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
Posted by Niall Pemberton <ni...@blueyonder.co.uk>.
Sorry couldn't be much help and I don't know who has this expertise.
I haven't read it, but the sample chapter for O'Reilly's Tomcat book is on
security - so I don't know if that might help:
http://www.oreilly.com/catalog/tomcat/chapter/ch06.pdf
Niall
----- Original Message -----
From: "Michael McGrady" <mi...@michaelmcgrady.com>
To: "Struts Users Mailing List" <us...@struts.apache.org>
Sent: Saturday, March 27, 2004 3:34 PM
Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
> I really appreciate your effort on this Niall. I am at a loss
> presently. I suspect it is Tomcat that is the problem, since I have no
> trouble with running a DH generator from the command line. But, why
Tomcat
> should be the problem is beyond me. I would imagine it must be because
> there is some web security issue arising. But this is all just wild
> speculation. I really have no idea what is up. Do you know anyone on the
> list who is particularly expert in this area, other than the usual
suspects
> like Craig, who get used too much?
>
> At 03:52 AM 3/27/2004, you wrote:
> >Sorry, that one line reply of mine is about the limit of my knowledge.
> >Looking at the SSL docs for Tomcat 5, it has a section on configuring
JSSE -
> >but it says if you are using Java 1.4.x you can skip the whole step. It
also
> >says in the troubleshooting at the end that if you get
> >"java.security.NoSuchAlgorithmException" errors then its because the JVM
> >cannot find the JSSE JAR files.
> >
> >http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
> >
> >I don't know if these are any use, but I found these in the Tomcat User
> >List:
> >
> >http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg119351.html
> >http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg102382.html
> >
> >
> >Niall
> >
> >----- Original Message -----
> >From: "Michael McGrady" <mi...@michaelmcgrady.com>
> >To: "Struts Users Mailing List" <us...@struts.apache.org>
> >Sent: Saturday, March 27, 2004 7:59 AM
> >Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
> >
> >
> > > Also, Niall, from the same j2se I can use the KeyPairGenerator for
> > > Diffie-Hellman by running main through a command line, but not through
> > > Tomcat. So, my reasoning is that it has to be Tomcat? No? I know
that
> > > through Tomcat it seems to access SunJSSE but not through the command
> > > line. What is going on is beyond me at the present. I don't know
enough
> > > about JSSE to sort this out, I think. I may be wrong about the
problem,
> > > however.
> > >
> > > At 10:37 PM 3/26/2004, you wrote:
> > > >I get the same problem when tomcat uses Java 1.3.1_04 - i.e. works
for
> >RSA,
> > > >but not DH - when I switch to Java 1.4.2_01, everything is OK.
> > > >
> > > >Niall
> > > >
> > > >----- Original Message -----
> > > >From: "Michael McGrady" <mi...@michaelmcgrady.com>
> > > >To: "Struts Users Mailing List" <us...@struts.apache.org>
> > > >Sent: Saturday, March 27, 2004 4:56 AM
> > > >Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
> > > >
> > > >
> > > > > I find that Tomcat has the JCE.jar without a KeyPairGenerator
class.
> >Yet,
> > > > > when I go for KeyPairGenerator.getInstance("RSA") it works but
> > > > > KeyPairGenerator.getInstance("DH") does not. Both jce.jar and
> > > > > sunjce_provider.jar have DH keys. I just cannot figure what is
going
> >on
> > > > > here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/.
> >HELP!
> > > >LOL!
> > > > >
> > > > > At 08:14 PM 3/26/2004, you wrote:
> > > > > >When I am using Tomcat I get a security exception when I try to
> >access a
> > > > > >java.security.KeyPairGenerator for a Diffie-Hellman key pair. I
> >don't
> > > >get
> > > > > >it with other servers. Anyone know why this is?
> > > > > >
> > > > > >
> > > > > >java.security.NoSuchAlgorithmException: DH KeyPairGenerator not
> >available
> > > > > >
java.security.Security.getEngineClassName(Security.java:583)
> > > > > >
java.security.Security.getEngineClassName(Security.java:594)
> > > > > > java.security.Security.getImpl(Security.java:1043)
> > > > > >
> > > >java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
> > > > > >
> > > >org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
> > > > > >
> > > >org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
> > > > > >
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > > > > >
> > > > >
> > > >
> >
>org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:
> > > >204)
> > > > > >
> > > > >
> >
>org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
> > > > > >
> > > >org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
> > > > > >
javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > > > > >
> > > > > >
> > > > > >
> > > > > >
> > > > >
> > > > >
> > > > >
> > > >
> ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > > For additional commands, e-mail: user-help@struts.apache.org
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > >---------------------------------------------------------------------
> > > >To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > >For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > >
> >
> >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> >For additional commands, e-mail: user-help@struts.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
Posted by Michael McGrady <mi...@michaelmcgrady.com>.
I really appreciate your effort on this Niall. I am at a loss
presently. I suspect it is Tomcat that is the problem, since I have no
trouble with running a DH generator from the command line. But, why Tomcat
should be the problem is beyond me. I would imagine it must be because
there is some web security issue arising. But this is all just wild
speculation. I really have no idea what is up. Do you know anyone on the
list who is particularly expert in this area, other than the usual suspects
like Craig, who get used too much?
At 03:52 AM 3/27/2004, you wrote:
>Sorry, that one line reply of mine is about the limit of my knowledge.
>Looking at the SSL docs for Tomcat 5, it has a section on configuring JSSE -
>but it says if you are using Java 1.4.x you can skip the whole step. It also
>says in the troubleshooting at the end that if you get
>"java.security.NoSuchAlgorithmException" errors then its because the JVM
>cannot find the JSSE JAR files.
>
>http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
>
>I don't know if these are any use, but I found these in the Tomcat User
>List:
>
>http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg119351.html
>http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg102382.html
>
>
>Niall
>
>----- Original Message -----
>From: "Michael McGrady" <mi...@michaelmcgrady.com>
>To: "Struts Users Mailing List" <us...@struts.apache.org>
>Sent: Saturday, March 27, 2004 7:59 AM
>Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
>
>
> > Also, Niall, from the same j2se I can use the KeyPairGenerator for
> > Diffie-Hellman by running main through a command line, but not through
> > Tomcat. So, my reasoning is that it has to be Tomcat? No? I know that
> > through Tomcat it seems to access SunJSSE but not through the command
> > line. What is going on is beyond me at the present. I don't know enough
> > about JSSE to sort this out, I think. I may be wrong about the problem,
> > however.
> >
> > At 10:37 PM 3/26/2004, you wrote:
> > >I get the same problem when tomcat uses Java 1.3.1_04 - i.e. works for
>RSA,
> > >but not DH - when I switch to Java 1.4.2_01, everything is OK.
> > >
> > >Niall
> > >
> > >----- Original Message -----
> > >From: "Michael McGrady" <mi...@michaelmcgrady.com>
> > >To: "Struts Users Mailing List" <us...@struts.apache.org>
> > >Sent: Saturday, March 27, 2004 4:56 AM
> > >Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
> > >
> > >
> > > > I find that Tomcat has the JCE.jar without a KeyPairGenerator class.
>Yet,
> > > > when I go for KeyPairGenerator.getInstance("RSA") it works but
> > > > KeyPairGenerator.getInstance("DH") does not. Both jce.jar and
> > > > sunjce_provider.jar have DH keys. I just cannot figure what is going
>on
> > > > here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/.
>HELP!
> > >LOL!
> > > >
> > > > At 08:14 PM 3/26/2004, you wrote:
> > > > >When I am using Tomcat I get a security exception when I try to
>access a
> > > > >java.security.KeyPairGenerator for a Diffie-Hellman key pair. I
>don't
> > >get
> > > > >it with other servers. Anyone know why this is?
> > > > >
> > > > >
> > > > >java.security.NoSuchAlgorithmException: DH KeyPairGenerator not
>available
> > > > > java.security.Security.getEngineClassName(Security.java:583)
> > > > > java.security.Security.getEngineClassName(Security.java:594)
> > > > > java.security.Security.getImpl(Security.java:1043)
> > > > >
> > >java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
> > > > >
> > >org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
> > > > >
> > >org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
> > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > > > >
> > > >
> > >
> >org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:
> > >204)
> > > > >
> > > >
> >org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
> > > > >
> > >org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
> > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > > > >
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > >
> > >
> > >
> > >
> > >---------------------------------------------------------------------
> > >To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > >For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> >
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>For additional commands, e-mail: user-help@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
SOLUTION
Posted by Michael McGrady <mi...@michaelmcgrady.com>.
For some reason Tomcat is not seeing the com.sun.crypto.provider package in
jre/lib/ext. The work around is to put the SunJCE provider
(sunjce_provider.jar) into commons/lib of Tomcat and to then add the
provider manually with
Security.addProvider(new com.sun.crypto.provider.SunJCE()). Why this is
necessary is a quandry to me. If I had a clue why this was happening, I
would try to fix it. But, this is not my area of expertise and I am stumped.
At 08:17 AM 3/27/2004, you wrote:
>For some reason, Tomcat is not seeing the com.sun.crypto.provider package
>in jre/lib/ext. Anyone have an idea why this would be? I tried
>Security.addProvider(new com.sun.crypto.provider.SunJCE(), and got
>"package com.sun.crypto.provider does not exist". Any ideas out there?
>
>At 03:52 AM 3/27/2004, Niall Pemberton wrote:
>>Sorry, that one line reply of mine is about the limit of my knowledge.
>>Looking at the SSL docs for Tomcat 5, it has a section on configuring JSSE -
>>but it says if you are using Java 1.4.x you can skip the whole step. It also
>>says in the troubleshooting at the end that if you get
>>"java.security.NoSuchAlgorithmException" errors then its because the JVM
>>cannot find the JSSE JAR files.
>>
>>http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
>>
>>I don't know if these are any use, but I found these in the Tomcat User
>>List:
>>
>>http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg119351.html
>>http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg102382.html
>>
>>
>>Niall
>>
>>----- Original Message -----
>>From: "Michael McGrady" <mi...@michaelmcgrady.com>
>>To: "Struts Users Mailing List" <us...@struts.apache.org>
>>Sent: Saturday, March 27, 2004 7:59 AM
>>Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
>>
>>
>> > Also, Niall, from the same j2se I can use the KeyPairGenerator for
>> > Diffie-Hellman by running main through a command line, but not through
>> > Tomcat. So, my reasoning is that it has to be Tomcat? No? I know that
>> > through Tomcat it seems to access SunJSSE but not through the command
>> > line. What is going on is beyond me at the present. I don't know enough
>> > about JSSE to sort this out, I think. I may be wrong about the problem,
>> > however.
>> >
>> > At 10:37 PM 3/26/2004, you wrote:
>> > >I get the same problem when tomcat uses Java 1.3.1_04 - i.e. works for
>>RSA,
>> > >but not DH - when I switch to Java 1.4.2_01, everything is OK.
>> > >
>> > >Niall
>> > >
>> > >----- Original Message -----
>> > >From: "Michael McGrady" <mi...@michaelmcgrady.com>
>> > >To: "Struts Users Mailing List" <us...@struts.apache.org>
>> > >Sent: Saturday, March 27, 2004 4:56 AM
>> > >Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
>> > >
>> > >
>> > > > I find that Tomcat has the JCE.jar without a KeyPairGenerator class.
>>Yet,
>> > > > when I go for KeyPairGenerator.getInstance("RSA") it works but
>> > > > KeyPairGenerator.getInstance("DH") does not. Both jce.jar and
>> > > > sunjce_provider.jar have DH keys. I just cannot figure what is going
>>on
>> > > > here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/.
>>HELP!
>> > >LOL!
>> > > >
>> > > > At 08:14 PM 3/26/2004, you wrote:
>> > > > >When I am using Tomcat I get a security exception when I try to
>>access a
>> > > > >java.security.KeyPairGenerator for a Diffie-Hellman key pair. I
>>don't
>> > >get
>> > > > >it with other servers. Anyone know why this is?
>> > > > >
>> > > > >
>> > > > >java.security.NoSuchAlgorithmException: DH KeyPairGenerator not
>>available
>> > > > > java.security.Security.getEngineClassName(Security.java:583)
>> > > > > java.security.Security.getEngineClassName(Security.java:594)
>> > > > > java.security.Security.getImpl(Security.java:1043)
>> > > > >
>> > >java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
>> > > > >
>> > >org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
>> > > > >
>> > >org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
>> > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
>> > > > >
>> > > >
>> > >
>> >org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:
>> > >204)
>> > > > >
>> > > >
>> >org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
>> > > > >
>> > >org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
>> > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
>> > > > >
>> > > > >
>> > > > >
>> > > > >
>> > > >
>> > > >
>> > > >
>> > > > ---------------------------------------------------------------------
>> > > > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> > > > For additional commands, e-mail: user-help@struts.apache.org
>> > > >
>> > > >
>> > > >
>> > >
>> > >
>> > >
>> > >---------------------------------------------------------------------
>> > >To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> > >For additional commands, e-mail: user-help@struts.apache.org
>> >
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>> > For additional commands, e-mail: user-help@struts.apache.org
>> >
>> >
>> >
>>
>>
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>>For additional commands, e-mail: user-help@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
Posted by Michael McGrady <mi...@michaelmcgrady.com>.
For some reason, Tomcat is not seeing the com.sun.crypto.provider package
in jre/lib/ext. Anyone have an idea why this would be? I tried
Security.addProvider(new com.sun.crypto.provider.SunJCE(), and got "package
com.sun.crypto.provider does not exist". Any ideas out there?
At 03:52 AM 3/27/2004, Niall Pemberton wrote:
>Sorry, that one line reply of mine is about the limit of my knowledge.
>Looking at the SSL docs for Tomcat 5, it has a section on configuring JSSE -
>but it says if you are using Java 1.4.x you can skip the whole step. It also
>says in the troubleshooting at the end that if you get
>"java.security.NoSuchAlgorithmException" errors then its because the JVM
>cannot find the JSSE JAR files.
>
>http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
>
>I don't know if these are any use, but I found these in the Tomcat User
>List:
>
>http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg119351.html
>http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg102382.html
>
>
>Niall
>
>----- Original Message -----
>From: "Michael McGrady" <mi...@michaelmcgrady.com>
>To: "Struts Users Mailing List" <us...@struts.apache.org>
>Sent: Saturday, March 27, 2004 7:59 AM
>Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
>
>
> > Also, Niall, from the same j2se I can use the KeyPairGenerator for
> > Diffie-Hellman by running main through a command line, but not through
> > Tomcat. So, my reasoning is that it has to be Tomcat? No? I know that
> > through Tomcat it seems to access SunJSSE but not through the command
> > line. What is going on is beyond me at the present. I don't know enough
> > about JSSE to sort this out, I think. I may be wrong about the problem,
> > however.
> >
> > At 10:37 PM 3/26/2004, you wrote:
> > >I get the same problem when tomcat uses Java 1.3.1_04 - i.e. works for
>RSA,
> > >but not DH - when I switch to Java 1.4.2_01, everything is OK.
> > >
> > >Niall
> > >
> > >----- Original Message -----
> > >From: "Michael McGrady" <mi...@michaelmcgrady.com>
> > >To: "Struts Users Mailing List" <us...@struts.apache.org>
> > >Sent: Saturday, March 27, 2004 4:56 AM
> > >Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
> > >
> > >
> > > > I find that Tomcat has the JCE.jar without a KeyPairGenerator class.
>Yet,
> > > > when I go for KeyPairGenerator.getInstance("RSA") it works but
> > > > KeyPairGenerator.getInstance("DH") does not. Both jce.jar and
> > > > sunjce_provider.jar have DH keys. I just cannot figure what is going
>on
> > > > here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/.
>HELP!
> > >LOL!
> > > >
> > > > At 08:14 PM 3/26/2004, you wrote:
> > > > >When I am using Tomcat I get a security exception when I try to
>access a
> > > > >java.security.KeyPairGenerator for a Diffie-Hellman key pair. I
>don't
> > >get
> > > > >it with other servers. Anyone know why this is?
> > > > >
> > > > >
> > > > >java.security.NoSuchAlgorithmException: DH KeyPairGenerator not
>available
> > > > > java.security.Security.getEngineClassName(Security.java:583)
> > > > > java.security.Security.getEngineClassName(Security.java:594)
> > > > > java.security.Security.getImpl(Security.java:1043)
> > > > >
> > >java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
> > > > >
> > >org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
> > > > >
> > >org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
> > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > > > >
> > > >
> > >
> >org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:
> > >204)
> > > > >
> > > >
> >org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
> > > > >
> > >org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
> > > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > > > >
> > > > >
> > > > >
> > > > >
> > > >
> > > >
> > > >
> > > > ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > > For additional commands, e-mail: user-help@struts.apache.org
> > > >
> > > >
> > > >
> > >
> > >
> > >
> > >---------------------------------------------------------------------
> > >To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > >For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> >
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>For additional commands, e-mail: user-help@struts.apache.org
Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
Posted by Niall Pemberton <ni...@blueyonder.co.uk>.
Sorry, that one line reply of mine is about the limit of my knowledge.
Looking at the SSL docs for Tomcat 5, it has a section on configuring JSSE -
but it says if you are using Java 1.4.x you can skip the whole step. It also
says in the troubleshooting at the end that if you get
"java.security.NoSuchAlgorithmException" errors then its because the JVM
cannot find the JSSE JAR files.
http://jakarta.apache.org/tomcat/tomcat-5.0-doc/ssl-howto.html
I don't know if these are any use, but I found these in the Tomcat User
List:
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg119351.html
http://www.mail-archive.com/tomcat-user@jakarta.apache.org/msg102382.html
Niall
----- Original Message -----
From: "Michael McGrady" <mi...@michaelmcgrady.com>
To: "Struts Users Mailing List" <us...@struts.apache.org>
Sent: Saturday, March 27, 2004 7:59 AM
Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
> Also, Niall, from the same j2se I can use the KeyPairGenerator for
> Diffie-Hellman by running main through a command line, but not through
> Tomcat. So, my reasoning is that it has to be Tomcat? No? I know that
> through Tomcat it seems to access SunJSSE but not through the command
> line. What is going on is beyond me at the present. I don't know enough
> about JSSE to sort this out, I think. I may be wrong about the problem,
> however.
>
> At 10:37 PM 3/26/2004, you wrote:
> >I get the same problem when tomcat uses Java 1.3.1_04 - i.e. works for
RSA,
> >but not DH - when I switch to Java 1.4.2_01, everything is OK.
> >
> >Niall
> >
> >----- Original Message -----
> >From: "Michael McGrady" <mi...@michaelmcgrady.com>
> >To: "Struts Users Mailing List" <us...@struts.apache.org>
> >Sent: Saturday, March 27, 2004 4:56 AM
> >Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
> >
> >
> > > I find that Tomcat has the JCE.jar without a KeyPairGenerator class.
Yet,
> > > when I go for KeyPairGenerator.getInstance("RSA") it works but
> > > KeyPairGenerator.getInstance("DH") does not. Both jce.jar and
> > > sunjce_provider.jar have DH keys. I just cannot figure what is going
on
> > > here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/.
HELP!
> >LOL!
> > >
> > > At 08:14 PM 3/26/2004, you wrote:
> > > >When I am using Tomcat I get a security exception when I try to
access a
> > > >java.security.KeyPairGenerator for a Diffie-Hellman key pair. I
don't
> >get
> > > >it with other servers. Anyone know why this is?
> > > >
> > > >
> > > >java.security.NoSuchAlgorithmException: DH KeyPairGenerator not
available
> > > > java.security.Security.getEngineClassName(Security.java:583)
> > > > java.security.Security.getEngineClassName(Security.java:594)
> > > > java.security.Security.getImpl(Security.java:1043)
> > > >
> >java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
> > > >
> >org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
> > > >
> >org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
> > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > > >
> > >
> >
>org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:
> >204)
> > > >
> > >
>org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
> > > >
> >org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
> > > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > > >
> > > >
> > > >
> > > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > > For additional commands, e-mail: user-help@struts.apache.org
> > >
> > >
> > >
> >
> >
> >
> >---------------------------------------------------------------------
> >To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> >For additional commands, e-mail: user-help@struts.apache.org
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
Posted by Michael McGrady <mi...@michaelmcgrady.com>.
Also, Niall, from the same j2se I can use the KeyPairGenerator for
Diffie-Hellman by running main through a command line, but not through
Tomcat. So, my reasoning is that it has to be Tomcat? No? I know that
through Tomcat it seems to access SunJSSE but not through the command
line. What is going on is beyond me at the present. I don't know enough
about JSSE to sort this out, I think. I may be wrong about the problem,
however.
At 10:37 PM 3/26/2004, you wrote:
>I get the same problem when tomcat uses Java 1.3.1_04 - i.e. works for RSA,
>but not DH - when I switch to Java 1.4.2_01, everything is OK.
>
>Niall
>
>----- Original Message -----
>From: "Michael McGrady" <mi...@michaelmcgrady.com>
>To: "Struts Users Mailing List" <us...@struts.apache.org>
>Sent: Saturday, March 27, 2004 4:56 AM
>Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
>
>
> > I find that Tomcat has the JCE.jar without a KeyPairGenerator class. Yet,
> > when I go for KeyPairGenerator.getInstance("RSA") it works but
> > KeyPairGenerator.getInstance("DH") does not. Both jce.jar and
> > sunjce_provider.jar have DH keys. I just cannot figure what is going on
> > here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/. HELP!
>LOL!
> >
> > At 08:14 PM 3/26/2004, you wrote:
> > >When I am using Tomcat I get a security exception when I try to access a
> > >java.security.KeyPairGenerator for a Diffie-Hellman key pair. I don't
>get
> > >it with other servers. Anyone know why this is?
> > >
> > >
> > >java.security.NoSuchAlgorithmException: DH KeyPairGenerator not available
> > > java.security.Security.getEngineClassName(Security.java:583)
> > > java.security.Security.getEngineClassName(Security.java:594)
> > > java.security.Security.getImpl(Security.java:1043)
> > >
>java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
> > >
>org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
> > >
>org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
> > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > >
> >
> >org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:
>204)
> > >
> > >org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
> > >
>org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
> > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > >
> > >
> > >
> > >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> >
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>For additional commands, e-mail: user-help@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
Posted by Michael McGrady <mi...@michaelmcgrady.com>.
With Resin 2.1.x and j2se 1_4_0_1 I have no problem. With Tomcat 5_0 and
j2se 1_4_1 I get the problem.
At 10:37 PM 3/26/2004, you wrote:
>I get the same problem when tomcat uses Java 1.3.1_04 - i.e. works for RSA,
>but not DH - when I switch to Java 1.4.2_01, everything is OK.
>
>Niall
>
>----- Original Message -----
>From: "Michael McGrady" <mi...@michaelmcgrady.com>
>To: "Struts Users Mailing List" <us...@struts.apache.org>
>Sent: Saturday, March 27, 2004 4:56 AM
>Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
>
>
> > I find that Tomcat has the JCE.jar without a KeyPairGenerator class. Yet,
> > when I go for KeyPairGenerator.getInstance("RSA") it works but
> > KeyPairGenerator.getInstance("DH") does not. Both jce.jar and
> > sunjce_provider.jar have DH keys. I just cannot figure what is going on
> > here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/. HELP!
>LOL!
> >
> > At 08:14 PM 3/26/2004, you wrote:
> > >When I am using Tomcat I get a security exception when I try to access a
> > >java.security.KeyPairGenerator for a Diffie-Hellman key pair. I don't
>get
> > >it with other servers. Anyone know why this is?
> > >
> > >
> > >java.security.NoSuchAlgorithmException: DH KeyPairGenerator not available
> > > java.security.Security.getEngineClassName(Security.java:583)
> > > java.security.Security.getEngineClassName(Security.java:594)
> > > java.security.Security.getImpl(Security.java:1043)
> > >
>java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
> > >
>org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
> > >
>org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
> > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > >
> >
> >org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:
>204)
> > >
> > >org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
> > >
>org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
> > > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> > >
> > >
> > >
> > >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> > For additional commands, e-mail: user-help@struts.apache.org
> >
> >
> >
>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
>For additional commands, e-mail: user-help@struts.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
Posted by Niall Pemberton <ni...@blueyonder.co.uk>.
I get the same problem when tomcat uses Java 1.3.1_04 - i.e. works for RSA,
but not DH - when I switch to Java 1.4.2_01, everything is OK.
Niall
----- Original Message -----
From: "Michael McGrady" <mi...@michaelmcgrady.com>
To: "Struts Users Mailing List" <us...@struts.apache.org>
Sent: Saturday, March 27, 2004 4:56 AM
Subject: Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
> I find that Tomcat has the JCE.jar without a KeyPairGenerator class. Yet,
> when I go for KeyPairGenerator.getInstance("RSA") it works but
> KeyPairGenerator.getInstance("DH") does not. Both jce.jar and
> sunjce_provider.jar have DH keys. I just cannot figure what is going on
> here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/. HELP!
LOL!
>
> At 08:14 PM 3/26/2004, you wrote:
> >When I am using Tomcat I get a security exception when I try to access a
> >java.security.KeyPairGenerator for a Diffie-Hellman key pair. I don't
get
> >it with other servers. Anyone know why this is?
> >
> >
> >java.security.NoSuchAlgorithmException: DH KeyPairGenerator not available
> > java.security.Security.getEngineClassName(Security.java:583)
> > java.security.Security.getEngineClassName(Security.java:594)
> > java.security.Security.getImpl(Security.java:1043)
> >
java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
> >
org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
> >
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> >
>
>org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:
204)
> >
> >org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
> >
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
> > javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> >
> >
> >
> >
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
> For additional commands, e-mail: user-help@struts.apache.org
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org
Re: Tomcat -- JSP -- KeyPairGenerator -- Security Exception
Posted by Michael McGrady <mi...@michaelmcgrady.com>.
I find that Tomcat has the JCE.jar without a KeyPairGenerator class. Yet,
when I go for KeyPairGenerator.getInstance("RSA") it works but
KeyPairGenerator.getInstance("DH") does not. Both jce.jar and
sunjce_provider.jar have DH keys. I just cannot figure what is going on
here. sunjce_provider.jar has KeyPairGenerator in jre/lib/ext/. HELP! LOL!
At 08:14 PM 3/26/2004, you wrote:
>When I am using Tomcat I get a security exception when I try to access a
>java.security.KeyPairGenerator for a Diffie-Hellman key pair. I don't get
>it with other servers. Anyone know why this is?
>
>
>java.security.NoSuchAlgorithmException: DH KeyPairGenerator not available
> java.security.Security.getEngineClassName(Security.java:583)
> java.security.Security.getEngineClassName(Security.java:594)
> java.security.Security.getImpl(Security.java:1043)
> java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:146)
> org.apache.jsp.TEST_KEYPAIR_jsp._jspService(TEST_KEYPAIR_jsp.java:57)
> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:137)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
>
>org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:204)
>
>org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:295)
> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:241)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@struts.apache.org
For additional commands, e-mail: user-help@struts.apache.org