You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Yuval Kashtan <yu...@gmail.com> on 2006/11/15 16:59:37 UTC
Default SSL context init failed: SunX509 KeyManagerFacroty nor avilable
on IBM JVM
Hello,
I have a java application which uses SSL (alongside other cryptography
services).
When executed in Sun JVM it works just fine.
But when I try to execute on IBM JVM (AIX machine comes only with IBM JVM),
I get the following error:
appProceed
com.trisixtysecurity.agent.tools.AgentRegister(581)java.net.SocketException:
Default SSL context init failed: SunX509 KeyManagerFactory not available
->at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
Caused by: java.net.SocketException: Default SSL context init failed:
SunX509 KeyManagerFactory not available
->at
javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:5)
->at
org.apache.axis.components.net.JSSESocketFactory.create(JSSESocketFactory.java:92)
->at
org.apache.axis.transport.http.HTTPSender.getSocket(HTTPSender.java:191)
->at
org.apache.axis.transport.http.HTTPSender.writeToSocket(HTTPSender.java:404)
->at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:138)
->at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
->at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
->at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
->at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
->at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
->at org.apache.axis.client.Call.invoke(Call.java:2767)
->at org.apache.axis.client.Call.invoke(Call.java:2443)
->at org.apache.axis.client.Call.invoke(Call.java:2366)
->at org.apache.axis.client.Call.invoke(Call.java:1812)
->at
com.trisixtysecurity.agent.amapi.AgentManagerServiceSoapStub.confirmRegsitration(AgentManagerServiceSoapStub.
java:465)
->at
com.trisixtysecurity.agent.tools.AgentRegister.appProceed(AgentRegister.java:542)
->at
com.trisixtysecurity.agent.common.StdCommandLineApp.invoke(StdCommandLineApp.java:628)
->at
com.trisixtysecurity.agent.common.StdCommandLineApp.mainRoutine(StdCommandLineApp.java:710)
->at
com.trisixtysecurity.agent.tools.AgentRegister.main(AgentRegister.java:1166)
some additional trace:
Importing certificate serverSignCert.cer to truststore
/opt/TriSixty/Agent/conf/security/hbTest/agentTrusted.pfx
Imported certificate serverSignCert.cer to truststore
/opt/TriSixty/Agent/conf/security/hbTest/agentTrusted.pfx
X509KeyManager passed to SSLContext.init(): need an
X509ExtendedKeyManager for SSLEngine use
Installed Providers =
IBMJSSE2
IBMJCE
IBMJGSSProvider
IBMCertPath
IBMSASL
JsseJCE: Using SecureRandom from provider IBMJCE version 1.2
trigger seeding of SecureRandom
done seeding SecureRandom
JsseJCE: Using cipher AES/CBC/NoPadding from provider IBMJCE version 1.2
export control - checking the cipher suites
export control - no cached value available...
export control - storing legal entry into cache...
setting up default SSLSocketFactory
use default IbmJSSE2 impl class: com.ibm.jsse2.SSLSocketFactoryImpl
class com.ibm.jsse2.SSLSocketFactoryImpl is loaded
init keymanager of type SunX509
Default SSL context init failed: java.security.NoSuchAlgorithmException:
SunX509 KeyManagerFactory not available
use dummy SSLSocketFactory due to java.lang.RuntimeException: Default
SSL context init failed: SunX509 KeyManagerFac
tory not available
java.net.SocketException: Default SSL context init failed: SunX509
KeyManagerFactory not available
The code does not include any reference to com.sun.* or sun.* (even
though it used to).
I am using a privatly developed KeyManager and the keystore files are
all JKS format (I've tried also PKCS12 and JCEKS).
Any ideas on how to solve it will really be appreciated.
I would also be glad to hear from anyone who successfully used axis on
IBM AIX.
Also I've notices the following remark inside the code of
org.apache.axis.components.net:
///**
* SSL socket factory. It _requires_ a valid RSA key and
* JSSE. (borrowed code from tomcat)
*
* THIS CODE STILL HAS DEPENDENCIES ON sun.* and com.sun.*
*
* @author Davanum Srinivas (dims@yahoo.com)
*/
//Which seems to indicate that maybe the problem is in the axis code?
Thanks,
Yuval Kashtan.