Do you exactly follow the document there? Especially as you use sunjce_provider.jar, you should have org.apache.karaf.security.providers =com.sun.crypto.provider.SunJCE in $KARAF_HOME/etc/config.properties
take a look at related discussion[1] to get more details. [1]http://fusesource.com/forums/thread.jspa?messageID=15560㳈 ------------- Freeman(Yue) Fang Red Hat, Inc. FuseSource is now part of Red Hat Web: http://fusesource.com | http://www.redhat.com/ Twitter: freemanfang Blog: http://freemanfang.blogspot.com http://blog.sina.com.cn/u/1473905042 weibo: http://weibo.com/u/1473905042 On 2012-12-6, at 下午2:36, Guofeng Zhang wrote: > Not works. I got: > java.lang.RuntimeException: java.security.NoSuchAlgorithmException: > SunTlsMasterSecret KeyGenerator not available > > From: Freeman Fang [mailto:[email protected]] > Sent: Thursday, December 06, 2012 12:58 PM > To: [email protected] > Subject: Re: Enable HTTPS got "Could not generate DH keypair" > > Hi, > > In some case you need specify security provider to karaf, take a look at [1] > to get more details, the "Deploying Security Providers" chapter > > [1]http://karaf.apache.org/manual/latest-2.3.x/users-guide/security.html > ------------- > Freeman(Yue) Fang > > Red Hat, Inc. > FuseSource is now part of Red Hat > Web: http://fusesource.com | http://www.redhat.com/ > Twitter: freemanfang > Blog: http://freemanfang.blogspot.com > http://blog.sina.com.cn/u/1473905042 > weibo: http://weibo.com/u/1473905042 > > On 2012-12-6, at 下午12:43, Guofeng Zhang wrote: > > > Hi, > > I tried to deploy Jetty SPDY on Karaf-3.0.0-SNAPSHOT, so I have to enable > HTTPS. But I got the following error. By copying sunjce_provider.jar from JRE > 7 to lib/ext (hint > fromhttp://www.jroller.com/robertburrelldonkin/entry/james_imaps), this > issue is solved and the HTTPS works well. But I do not think it is the right > way to duplicate it there. > > So what causes the issue ( Jetty miss importimg something)? or I do not > configure something required on Karaf? > > I use the lastest 3.0.0 SNAPSHOT. > > Thanks. > > Guofeng > > java.lang.RuntimeException: Could not generate DH keypair > at > sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1383)[:1.7.0_09] > at > sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:517)[:1.7.0_09] > at > sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:794)[:1.7.0_09] > at > sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:762)[:1.7.0_09] > at > javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)[:1.7.0_09] > at > org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:489)[88:org.eclipse.jetty.io:9.0.0.M3] > at > org.eclipse.jetty.spdy.server.NextProtoNegoServerConnection.fill(NextProtoNegoServerConnection.java:99)[108:org.eclipse.jetty.spdy.server:9.0.0.M3] > at > org.eclipse.jetty.spdy.server.NextProtoNegoServerConnection.onFillable(NextProtoNegoServerConnection.java:67)[108:org.eclipse.jetty.spdy.server:9.0.0.M3] > at > org.eclipse.jetty.io.AbstractConnection$1.onCompleted(AbstractConnection.java:80)[88:org.eclipse.jetty.io:9.0.0.M3] > at > org.eclipse.jetty.io.AbstractConnection$1.onCompleted(AbstractConnection.java:63)[88:org.eclipse.jetty.io:9.0.0.M3] > at > org.eclipse.jetty.util.ExecutorCallback$1.run(ExecutorCallback.java:32)[98:org.eclipse.jetty.util:9.0.0.M3] > at > org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:597)[98:org.eclipse.jetty.util:9.0.0.M3] > at > org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool.java:528)[98:org.eclipse.jetty.util:9.0.0.M3] > at java.lang.Thread.run(Thread.java:722)[:1.7.0_09] > Caused by: java.lang.RuntimeException: Could not generate DH keypair > at > sun.security.ssl.DHCrypt.<init>(DHCrypt.java:100)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.setupEphemeralDHKeys(ServerHandshaker.java:1263)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:1125)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:970)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:663)[:1.7.0_09] > at > sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:200)[:1.7.0_09] > at > sun.security.ssl.Handshaker.processLoop(Handshaker.java:882)[:1.7.0_09] > at > sun.security.ssl.Handshaker$1.run(Handshaker.java:822)[:1.7.0_09] > at > sun.security.ssl.Handshaker$1.run(Handshaker.java:820)[:1.7.0_09] > at java.security.AccessController.doPrivileged(Native > Method)[:1.7.0_09] > at > sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1323)[:1.7.0_09] > at > org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.fill(SslConnection.java:548)[88:org.eclipse.jetty.io:9.0.0.M3] > ... 8 more > Caused by: java.security.NoSuchAlgorithmException: DiffieHellman > KeyPairGenerator not available > at > java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:207)[:1.7.0_09] > at > sun.security.ssl.JsseJce.getKeyPairGenerator(JsseJce.java:276)[:1.7.0_09] > at sun.security.ssl.DHCrypt.<init>(DHCrypt.java:91)[:1.7.0_09] > ... 19 more > >
