You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@servicemix.apache.org by "Freeman Fang (JIRA)" <ji...@apache.org> on 2012/10/10 04:20:02 UTC

[jira] [Resolved] (SMX4-537) Startup script (bin/servicemix) misconfigures java.ext.dirs, breaking things like SSL in CXF

     [ https://issues.apache.org/jira/browse/SMX4-537?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Freeman Fang resolved SMX4-537.
-------------------------------

       Resolution: Fixed
    Fix Version/s: 4.5.0

now the
JAVA_EXT_DIRS="${JAVA_HOME}/jre/lib/ext:${JAVA_HOME}/lib/ext:${KARAF_HOME}/lib/ext"
which cover all possible ext folder.
                
> Startup script (bin/servicemix) misconfigures java.ext.dirs, breaking things like SSL in CXF
> --------------------------------------------------------------------------------------------
>
>                 Key: SMX4-537
>                 URL: https://issues.apache.org/jira/browse/SMX4-537
>             Project: ServiceMix 4
>          Issue Type: Bug
>    Affects Versions: 4.2.0
>         Environment: FUSE ESB 4.2 (apache-servicemix-4.2.0-fuse-02-00)
>  
>  java version "1.6.0_18"
> Java(TM) SE Runtime Environment (build 1.6.0_18-b07)
> Java HotSpot(TM) 64-Bit Server VM (build 16.0-b13, mixed mode)
> $ which java
> /usr/lib64/jvm/java-1.6.0-sun/bin/java
> Another colleague duplicated this same problem with the same version of SMX on Windows (JDK 1.6.0_16).
>            Reporter: Scott Parkerson
>            Assignee: Freeman Fang
>             Fix For: 4.5.0
>
>
> In the startup script {{SMX_HOME/bin/servicemix}}, java.ext.dirs is being defined as such:
> {noformat}
>  ... -Djava.ext.dirs="${JAVA_HOME}/lib/ext:${KARAF_HOME}/lib/ext" ...
> {noformat}
> This is OK unless you need to use something that requires something in there, such as sunjce_providers.jar (when using SSL). Then you get nasty exceptions like this one:
> {noformat}javax.net.ssl.SSLKeyException: RSA premaster secret error
>         at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:97)
>         at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:634)
>         at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
>         at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
>         at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
>         at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
>         at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
>         at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
>         at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049)
>         at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
>         at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:677)
>         at com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:186)
>         at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:772)
>         at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
>         at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:119)
>         at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:235)
>         at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:284)
>         ... 89 more
> Caused by: java.security.NoSuchAlgorithmException: SunTlsRsaPremasterSecret KeyGenerator not available
>         at javax.crypto.KeyGenerator.<init>(DashoA13*..)
>         at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
>         at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(JsseJce.java:223)
>         at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:89)
>         ... 108 more
> {noformat}
> The fix I found is to correct the path to look like this:
> {noformat}
>  ... -Djava.ext.dirs="${JAVA_HOME}/jre/lib/ext:${KARAF_HOME}/lib/ext" ...
> {noformat}
> although that might not work in all cases. Perhaps this is a difference between the jre and jdk distributions?

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira