Bugs item #1720156, was opened at 2007-05-17 02:44
Message generated for change (Comment added) made by pegacat
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=480577&aid=1720156&group_id=55394
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
Status: Open
Resolution: None
Priority: 5
Private: No
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: doesn't fully support Java 6: exception on connect
Initial Comment:
OS: MS Windows Vista Enterprise
jre: java 1.6.0
an exception occurs when connecting to an LDAP server using Java 6.0. On the
same machine with the same connection parameters, just switching to the 1.4.2
VM allowed the connection to work properly.
connection information:
protocol: LDAP v3
port: 636
level: SSL + User + Password
note: after pressing 'ok' on the connect screen, I was presented with a "Server
CA Certficate missing" dialog: "The ldap server you are connecting to is using
an unknown security certificate." However, I don't believe this has anything to
do with the exception (the same dialog appears when using the 1.4.2 VM and is
just a symptom of the way the ldap server is setup).
stack trace when using the Java 6 VM:
javax.naming.CommunicationException: simple bind failed: uisldap2.lsu.edu:636
[Root exception is javax.net.ssl.SSLKeyException: RSA premaster secret error]
at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
at javax.naming.directory.InitialDirContext.<init>(Unknown Source)
at com.ca.commons.jndi.JNDIOps.openContext(JNDIOps.java:504)
at com.ca.commons.jndi.JNDIOps.<init>(JNDIOps.java:105)
at com.ca.commons.jndi.BasicOps.<init>(BasicOps.java:53)
at com.ca.commons.jndi.AdvancedOps.<init>(AdvancedOps.java:56)
at com.ca.commons.naming.DXOps.<init>(DXOps.java:39)
at
com.ca.directory.jxplorer.broker.CBGraphicsOps.<init>(CBGraphicsOps.java:45)
at
com.ca.directory.jxplorer.broker.JNDIBroker.openConnection(JNDIBroker.java:395)
at
com.ca.directory.jxplorer.broker.JNDIBroker.processRequest(JNDIBroker.java:360)
at com.ca.directory.jxplorer.broker.Broker.processQueue(Broker.java:158)
at
com.ca.directory.jxplorer.broker.JNDIBroker.processQueue(JNDIBroker.java:829)
at com.ca.directory.jxplorer.broker.Broker.run(Broker.java:124)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLKeyException: RSA premaster secret error
at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown
Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown
Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source)
... 24 more
Caused by: java.security.NoSuchAlgorithmException: SunTlsRsaPremasterSecret
KeyGenerator not available
at javax.crypto.KeyGenerator.<init>(DashoA13*..)
at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(Unknown Source)
... 37 more
----------------------------------------------------------------------
>Comment By: Christopher Betts (pegacat)
Date: 2009-03-01 08:00
Message:
This is odd - this part of the code hasn't been touched for ages, and I
can't see why it would be different in java 1.4 vs java 1.6.
Is it possible that you are using different keystores? The error seems to
be implying there's something wrong with your RSA keys? Or you're using a
different security provider that doesn't support 'SunTlsRsa'?
... I'm not sure that this is a JX issue; it looks more like a security
environment issue; the errors are all deep in the Sun SSL code.
Is anyone else seeing this? And can you use SSL with other java 1.6 apps?
----------------------------------------------------------------------
Comment By: Robert J Townley (robertjtownley)
Date: 2009-02-28 21:02
Message:
is this supposed to be fixed in 3.2.1 rc2.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=480577&aid=1720156&group_id=55394
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
Jxplorer-devel mailing list
Jxplorer-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jxplorer-devel
