Hi, In some case you need specify security provider to karaf, take a look at [1] to get more details, the "Deploying Security Providers" chapter
[1]http://karaf.apache.org/manual/latest-2.3.x/users-guide/security.html ------------- Freeman(Yue) Fang Red Hat, Inc. FuseSource is now part of Red Hat Web: http://fusesource.com | http://www.redhat.com/ Twitter: freemanfang Blog: http://freemanfang.blogspot.com http://blog.sina.com.cn/u/1473905042 weibo: http://weibo.com/u/1473905042 On 2012-12-6, at 下午12:43, Guofeng Zhang wrote: > Hi, > > I tried to deploy Jetty SPDY on Karaf-3.0.0-SNAPSHOT, so I have to enable > HTTPS. But I got the following error. By copying sunjce_provider.jar from JRE > 7 to lib/ext (hint > fromhttp://www.jroller.com/robertburrelldonkin/entry/james_imaps), this > issue is solved and the HTTPS works well. But I do not think it is the right > way to duplicate it there. > > So what causes the issue ( Jetty miss importimg something)? or I do not > configure something required on Karaf? > > I use the lastest 3.0.0 SNAPSHOT. > > Thanks. > > Guofeng > > java.lang.RuntimeException: Could not generate DH keypair > at > sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1383)[:1.7.0_09] > at > sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:517)[:1.7.0_09] > at > sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:794)[:1.7.0_09] > at > sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:762)[:1.7.0_09] > at > javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)[:1.7.0_09] > at > org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:489)[88:org.eclipse.jetty.io:9.0.0.M3] > at > org.eclipse.jetty.spdy.server.NextProtoNegoServerConnection.fill(NextProtoNegoServerConnection.java:99)[108:org.eclipse.jetty.spdy.server:9.0.0.M3] > at > org.eclipse.jetty.spdy.server.NextProtoNegoServerConnection.onFillable(NextProtoNegoServerConnection.java:67)[108:org.eclipse.jetty.spdy.server:9.0.0.M3] > at > org.eclipse.jetty.io.AbstractConnection$1.onCompleted(AbstractConnection.java:80)[88:org.eclipse.jetty.io:9.0.0.M3] > at > org.eclipse.jetty.io.AbstractConnection$1.onCompleted(AbstractConnection.java:63)[88:org.eclipse.jetty.io:9.0.0.M3] > at > org.eclipse.jetty.util.ExecutorCallback$1.run(ExecutorCallback.java:32)[98:org.eclipse.jetty.util:9.0.0.M3] > at > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:597)[98:org.eclipse.jetty.util:9.0.0.M3] > at > org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:528)[98:org.eclipse.jetty.util:9.0.0.M3] > at java.lang.Thread.run(Thread.java:722)[:1.7.0_09] > Caused by: java.lang.RuntimeException: Could not generate DH keypair > at > sun.security.ssl.DHCrypt.<init>(DHCrypt.java:100)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.setupEphemeralDHKeys(ServerHandshaker.java:1263)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:1125)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:970)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:663)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:200)[:1.7.0_09] > at > sun.security.ssl.Handshaker.processLoop(Handshaker.java:882)[:1.7.0_09] > at > sun.security.ssl.Handshaker$1.run(Handshaker.java:822)[:1.7.0_09] > at > sun.security.ssl.Handshaker$1.run(Handshaker.java:820)[:1.7.0_09] > at java.security.AccessController.doPrivileged(Native > Method)[:1.7.0_09] > at > sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1323)[:1.7.0_09] > at > org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:548)[88:org.eclipse.jetty.io:9.0.0.M3] > ... 8 more > Caused by: java.security.NoSuchAlgorithmException: DiffieHellman > KeyPairGenerator not available > at > java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:207)[:1.7.0_09] > at > sun.security.ssl.JsseJce.getKeyPairGenerator(JsseJce.java:276)[:1.7.0_09] > at sun.security.ssl.DHCrypt.<init>(DHCrypt.java:91)[:1.7.0_09] > ... 19 more >
