You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@servicemix.apache.org by "Scott Parkerson (JIRA)" <ji...@apache.org> on 2010/06/23 23:06:51 UTC
[jira] Created: (SMX4-537) Startup script (bin/servicemix)
misconfigures java.ext.dirs, breaking things like SSL in CXF
Startup script (bin/servicemix) misconfigures java.ext.dirs, breaking things like SSL in CXF
--------------------------------------------------------------------------------------------
Key: SMX4-537
URL: https://issues.apache.org/activemq/browse/SMX4-537
Project: ServiceMix 4
Issue Type: Bug
Affects Versions: 4.2.0
Environment: FUSE ESB 4.2 (apache-servicemix-4.2.0-fuse-02-00)
java version "1.6.0_18"
Java(TM) SE Runtime Environment (build 1.6.0_18-b07)
Java HotSpot(TM) 64-Bit Server VM (build 16.0-b13, mixed mode)
$ which java
/usr/lib64/jvm/java-1.6.0-sun/bin/java
Another colleague duplicated this same problem with the same version of SMX on Windows (JDK 1.6.0_16).
Reporter: Scott Parkerson
In the startup script {{SMX_HOME/bin/servicemix}}, java.ext.dirs is being defined as such:
{noformat}
... -Djava.ext.dirs="${JAVA_HOME}/lib/ext:${KARAF_HOME}/lib/ext" ...
{noformat}
This is OK unless you need to use something that requires something in there, such as sunjce_providers.jar (when using SSL). Then you get nasty exceptions like this one:
{noformat}javax.net.ssl.SSLKeyException: RSA premaster secret error
at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:97)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:634)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1139)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1123)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:166)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1049)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:234)
at com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentEntity(XMLEntityManager.java:677)
at com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDocVersion(XMLVersionDetector.java:186)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:772)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:119)
at com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.java:235)
at com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(DocumentBuilderImpl.java:284)
... 89 more
Caused by: java.security.NoSuchAlgorithmException: SunTlsRsaPremasterSecret KeyGenerator not available
at javax.crypto.KeyGenerator.<init>(DashoA13*..)
at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(JsseJce.java:223)
at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:89)
... 108 more
{noformat}
The fix I found is to correct the path to look like this:
{noformat}
... -Djava.ext.dirs="${JAVA_HOME}/jre/lib/ext:${KARAF_HOME}/lib/ext" ...
{noformat}
although that might not work in all cases. Perhaps this is a difference between the jre and jdk distributions?
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.