You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@servicemix.apache.org by "Freeman Fang (JIRA)" <ji...@apache.org> on 2012/10/10 04:20:02 UTC
[jira] [Resolved] (SMX4-537) Startup script (bin/servicemix)
misconfigures java.ext.dirs, breaking things like SSL in CXF
[ https://issues.apache.org/jira/browse/SMX4-537?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Freeman Fang resolved SMX4-537.
-------------------------------
Resolution: Fixed
Fix Version/s: 4.5.0
now the
JAVA_EXT_DIRS="${JAVA_HOME}/jre/lib/ext:${JAVA_HOME}/lib/ext:${KARAF_HOME}/lib/ext"
which cover all possible ext folder.
> Startup script (bin/servicemix) misconfigures java.ext.dirs, breaking things like SSL in CXF
> --------------------------------------------------------------------------------------------
>
> Key: SMX4-537
> URL: https://issues.apache.org/jira/browse/SMX4-537
> Project: ServiceMix 4
> Issue Type: Bug
> Affects Versions: 4.2.0
> Environment: FUSE ESB 4.2 (apache-servicemix-4.2.0-fuse-02-00)
>
> java version "1.6.0_18"
> Java(TM) SE Runtime Environment (build 1.6.0_18-b07)
> Java HotSpot(TM) 64-Bit Server VM (build 16.0-b13, mixed mode)
> $ which java
> /usr/lib64/jvm/java-1.6.0-sun/bin/java
> Another colleague duplicated this same problem with the same version of SMX on Windows (JDK 1.6.0_16).
> Reporter: Scott Parkerson
> Assignee: Freeman Fang
> Fix For: 4.5.0
>
>
> In the startup script {{SMX_HOME/bin/servicemix}}, java.ext.dirs is being defined as such:
> {noformat}
> ... -Djava.ext.dirs="${JAVA_HOME}/lib/ext:${KARAF_HOME}/lib/ext" ...
> {noformat}
> This is OK unless you need to use something that requires something in there, such as sunjce_providers.jar (when using SSL). Then you get nasty exceptions like this one:
> {noformat}javax.net.ssl.SSLKeyException: RSA premaster secret error
> at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:97)
> at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:634)
> at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
> at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
> at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
> at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
> at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
> at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
> at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049)
> at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
> at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:677)
> at com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:186)
> at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:772)
> at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
> at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:119)
> at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:235)
> at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:284)
> ... 89 more
> Caused by: java.security.NoSuchAlgorithmException: SunTlsRsaPremasterSecret KeyGenerator not available
> at javax.crypto.KeyGenerator.<init>(DashoA13*..)
> at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
> at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(JsseJce.java:223)
> at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:89)
> ... 108 more
> {noformat}
> The fix I found is to correct the path to look like this:
> {noformat}
> ... -Djava.ext.dirs="${JAVA_HOME}/jre/lib/ext:${KARAF_HOME}/lib/ext" ...
> {noformat}
> although that might not work in all cases. Perhaps this is a difference between the jre and jdk distributions?
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira