Unable to encrypt preMasterSecret: java.security.InvalidKeyException: Illegal key size error in AIX.
Article ID: KB0093765
Updated On:
| Products | Versions |
|---|---|
| TIBCO ActiveMatrix BusinessWorks | - |
| Not Applicable | - |
Description
Description:
A TIBCO BusinessWorks application running on AIX fails to setup an SSL connection with and throws the following exception.
Symptoms:
SSL connection will fail and on enabling detailed tracing, the following exceptions are thrown.
Cause:
This occurs when policy files local_policy.jar and US_export_policy.jar are not compatible with AIX.
A TIBCO BusinessWorks application running on AIX fails to setup an SSL connection with and throws the following exception.
An IOException was thrown while trying to execute the Http method
at com.tibco.plugin.share.http.client.JakartaHttpTransportDriver$RequestExecutor.run(Unknown Source)
at com.tibco.pe.util.ThreadPool$ThreadPoolThread.run(Unknown Source)
caused by: java.io.IOException: The selected encryption strength may not match your policy file. Please check your policy file and upgrade, if necessary.. Unable to encrypt preMasterSecret: java.security.InvalidKeyException: Illegal key size
at com.tibco.plugin.share.security.TIBCryptClientSocketFactory.createSocket(Unknown Source)
at com.tibco.plugin.share.security.TIBCryptClientSocketFactory.createSocket(Unknown Source)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:706)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodD
at com.tibco.plugin.share.http.client.JakartaHttpTransportDriver$RequestExecutor.run(Unknown Source)
at com.tibco.pe.util.ThreadPool$ThreadPoolThread.run(Unknown Source)
caused by: java.io.IOException: The selected encryption strength may not match your policy file. Please check your policy file and upgrade, if necessary.. Unable to encrypt preMasterSecret: java.security.InvalidKeyException: Illegal key size
at com.tibco.plugin.share.security.TIBCryptClientSocketFactory.createSocket(Unknown Source)
at com.tibco.plugin.share.security.TIBCryptClientSocketFactory.createSocket(Unknown Source)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:706)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodD
Symptoms:
SSL connection will fail and on enabling detailed tracing, the following exceptions are thrown.
Caused by: java.lang.ExceptionInInitializerError
at java.lang.J9VMInternals.initialize(J9VMInternals.java:250)
at javax.crypto.d.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:228)
at javax.crypto.Cipher.c(Unknown Source)
at javax.crypto.Cipher.getMaxAllowedKeyLength(Unknown Source)
at com.tibco.security.providers.SecurityVendor_entrust61.<init>(SecurityVendor_entrust61.java:107)
... 26 more
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.b.<clinit>(Unknown Source)
at java.lang.J9VMInternals.initializeImpl(Native Method)
at java.lang.J9VMInternals.initialize(J9VMInternals.java:228)
... 32 more
Caused by: java.lang.SecurityException: Jurisdiction policy files are not signed by trusted signers!
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.a(Unknown Source)
at javax.crypto.b.access$600(Unknown Source)
Cause:
This occurs when policy files local_policy.jar and US_export_policy.jar are not compatible with AIX.
1). The user may be using an Oracle provided policy files for an AIX environment.
2). The Policy file in AIX are specific to the O.S. version, so there may be a compatibility issue between the policy files and the AIX version.
Issue/Introduction
Unable to encrypt preMasterSecret: java.security.InvalidKeyException: Illegal key size error in AIX.
Resolution
The correct policy files should be used. Refer to the following links.
http://www-01.ibm.com/support/docview.wss?uid=swg21635319
Note that the policies expire so you may have to find the right version.
https://www-01.ibm.com/marketing/iwm/iwm/web/preLogin.do?source=jcesdk
Additional Information
Feedback
Yes
No
Powered by
