Bugs item #1720156, was opened at 2007-05-16 09:44
Message generated for change (Comment added) made by pegacat
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=480577&aid=1720156&group_id=55394
Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: None
Group: None
>Status: Closed
>Resolution: Works For Me
Priority: 5
Private: No
Submitted By: Nobody/Anonymous (nobody)
Assigned to: Nobody/Anonymous (nobody)
Summary: doesn't fully support Java 6: exception on connect
Initial Comment:
OS: MS Windows Vista Enterprise
jre: java 1.6.0
an exception occurs when connecting to an LDAP server using Java 6.0. On the
same machine with the same connection parameters, just switching to the 1.4.2
VM allowed the connection to work properly.
connection information:
protocol: LDAP v3
port: 636
level: SSL + User + Password
note: after pressing 'ok' on the connect screen, I was presented with a "Server
CA Certficate missing" dialog: "The ldap server you are connecting to is using
an unknown security certificate." However, I don't believe this has anything to
do with the exception (the same dialog appears when using the 1.4.2 VM and is
just a symptom of the way the ldap server is setup).
stack trace when using the Java 6 VM:
javax.naming.CommunicationException: simple bind failed: uisldap2.lsu.edu:636
[Root exception is javax.net.ssl.SSLKeyException: RSA premaster secret error]
at com.sun.jndi.ldap.LdapClient.authenticate(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.connect(Unknown Source)
at com.sun.jndi.ldap.LdapCtx.<init>(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURL(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getUsingURLs(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getLdapCtxInstance(Unknown Source)
at com.sun.jndi.ldap.LdapCtxFactory.getInitialContext(Unknown Source)
at javax.naming.spi.NamingManager.getInitialContext(Unknown Source)
at javax.naming.InitialContext.getDefaultInitCtx(Unknown Source)
at javax.naming.InitialContext.init(Unknown Source)
at javax.naming.InitialContext.<init>(Unknown Source)
at javax.naming.directory.InitialDirContext.<init>(Unknown Source)
at com.ca.commons.jndi.JNDIOps.openContext(JNDIOps.java:504)
at com.ca.commons.jndi.JNDIOps.<init>(JNDIOps.java:105)
at com.ca.commons.jndi.BasicOps.<init>(BasicOps.java:53)
at com.ca.commons.jndi.AdvancedOps.<init>(AdvancedOps.java:56)
at com.ca.commons.naming.DXOps.<init>(DXOps.java:39)
at
com.ca.directory.jxplorer.broker.CBGraphicsOps.<init>(CBGraphicsOps.java:45)
at
com.ca.directory.jxplorer.broker.JNDIBroker.openConnection(JNDIBroker.java:395)
at
com.ca.directory.jxplorer.broker.JNDIBroker.processRequest(JNDIBroker.java:360)
at com.ca.directory.jxplorer.broker.Broker.processQueue(Broker.java:158)
at
com.ca.directory.jxplorer.broker.JNDIBroker.processQueue(JNDIBroker.java:829)
at com.ca.directory.jxplorer.broker.Broker.run(Broker.java:124)
at java.lang.Thread.run(Unknown Source)
Caused by: javax.net.ssl.SSLKeyException: RSA premaster secret error
at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(Unknown
Source)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown
Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown
Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at com.sun.jndi.ldap.Connection.writeRequest(Unknown Source)
at com.sun.jndi.ldap.LdapClient.ldapBind(Unknown Source)
... 24 more
Caused by: java.security.NoSuchAlgorithmException: SunTlsRsaPremasterSecret
KeyGenerator not available
at javax.crypto.KeyGenerator.<init>(DashoA13*..)
at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(Unknown Source)
... 37 more
----------------------------------------------------------------------
>Comment By: Christopher Betts (pegacat)
Date: 2012-06-17 21:36
Message:
Looks like a problem with SSL handling in the jvm?
Let me know if this is still an issue with JX 3.3; I've had no other
reports of any ssl problems...?
----------------------------------------------------------------------
Comment By: Christopher Betts (pegacat)
Date: 2009-02-28 13:00
Message:
This is odd - this part of the code hasn't been touched for ages, and I
can't see why it would be different in java 1.4 vs java 1.6.
Is it possible that you are using different keystores? The error seems to
be implying there's something wrong with your RSA keys? Or you're using a
different security provider that doesn't support 'SunTlsRsa'?
... I'm not sure that this is a JX issue; it looks more like a security
environment issue; the errors are all deep in the Sun SSL code.
Is anyone else seeing this? And can you use SSL with other java 1.6 apps?
----------------------------------------------------------------------
Comment By: Robert J Townley (robertjtownley)
Date: 2009-02-28 02:02
Message:
is this supposed to be fixed in 3.2.1 rc2.
----------------------------------------------------------------------
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=480577&aid=1720156&group_id=55394
------------------------------------------------------------------------------
Live Security Virtual Conference
Exclusive live event will cover all the ways today's security and
threat landscape has changed and how IT managers can respond. Discussions
will include endpoint security, mobile security and the latest in malware
threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/
_______________________________________________
Jxplorer-devel mailing list
Jxplorer-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/jxplorer-devel
