Login/Register
SunTlsRsaPremasterSecret KeyGenerator not available
Asked Answered
Solved javamacos
R

9

13

I encountered an error when my application tries to load a RSA Algorithm provider class from JAVA. The exception stack is as follow:

javax.jms.JMSException: RSA premaster secret error
at org.apache.activemq.util.JMSExceptionSupport.create(JMSExceptionSupport.java:49)
at org.apache.activemq.ActiveMQConnection.syncSendPacket(ActiveMQConnection.java:1255)
at org.apache.activemq.ActiveMQConnection.ensureConnectionInfoSent(ActiveMQConnection.java:1350)
at org.apache.activemq.ActiveMQConnection.setClientID(ActiveMQConnection.java:388)
at com.trendmicro.tmsm.TMSMAgent.open(TMSMAgent.java:63)

Caused by: javax.net.ssl.SSLKeyException: RSA premaster secret error
at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:97)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:634)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:226)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:516)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:454)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:884)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1112)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:623)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
at org.apache.activemq.transport.tcp.TcpBufferedOutputStream.flush(TcpBufferedOutputStream.java:115)
at java.io.DataOutputStream.flush(DataOutputStream.java:106)
at org.apache.activemq.transport.tcp.TcpTransport.oneway(TcpTransport.java:167)
at org.apache.activemq.transport.InactivityMonitor.oneway(InactivityMonitor.java:237)
at org.apache.activemq.transport.WireFormatNegotiator.sendWireFormat(WireFormatNegotiator.java:168)
at org.apache.activemq.transport.WireFormatNegotiator.sendWireFormat(WireFormatNegotiator.java:84)
at org.apache.activemq.transport.WireFormatNegotiator.start(WireFormatNegotiator.java:74)
at org.apache.activemq.transport.failover.FailoverTransport.doReconnect(FailoverTransport.java:715)
at org.apache.activemq.transport.failover.FailoverTransport$2.iterate(FailoverTransport.java:115)
at org.apache.activemq.thread.PooledTaskRunner.runTask(PooledTaskRunner.java:122)
at org.apache.activemq.thread.PooledTaskRunner$1.run(PooledTaskRunner.java:43)
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
at java.lang.Thread.run(Thread.java:637)

Caused by: java.security.NoSuchAlgorithmException: SunTlsRsaPremasterSecret KeyGenerator not available
at javax.crypto.KeyGenerator.<init>(DashoA13*..)
at javax.crypto.KeyGenerator.getInstance(DashoA13*..)
at com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(JsseJce.java:223)
at com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:89)
... 22 more

I've googled the error message and most of posts says it's because JVM cannot find sunjce_provider.jar. However, I can find the file in /Library/Java/Home/lib/ext folder.

The platform is Mac OS X 10.6 and Java version is 1.6.0_17.

My questions are:

  1. Why JVM does not search /Library/Java/Home/lib/ext for jar files?
  2. Can we change CLASSPATH or java.ext.dirs property by modify any config file?
  3. Any suggestion to solve this problem?

Thanks in advance.

Radmen answered 20/5, 2010 at 9:38 Comment(0)
R
3

I think we find the root cause so here is an answer of my own question.

  1. the Java system property "java.ext.dirs" in Mac OS X 10.5 is: /Library/Java/Extensions:/System/Library/Java/Extensions:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext. The sunjce_provider.jar should be in /System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext but also be found in /Library/Java/Extensions/ in the problem mac.

  2. the sunjce_provider.jar in /Library/Java/Extensions/ belongs to Java Cryptography Extension(JCE) 1.2.2, which has been installed in the mac. JCE 1.2.2 is an optional package of J2SE 1.3.1 and may not includes enough libraries for J2SE 1.4 and later.

  3. the Java applcation works normally after all JCE 1.2.2 related jar files have been removed from /Library/Java/Extensions/.

Radmen answered 7/6, 2010 at 3:4 Comment(0)
A
27

I've had the same problem after upgrading to new Java version on Mac. My (maven) project ran OK from command line but got the "SunTlsRsaPremasterSecret" error in Eclipse.

The solution was to remove Installed JREs in Eclipse configuration and add them again (using the "Search..." button).

Audile answered 24/3, 2011 at 14:18 Comment(5)
This also worked for me. I had to delete all of the JRE entries from Preferences -> Java -> Installed JREs. It wouldn't allow me to delete the last one so I had to add one back in with a different name and then delete the original. Then re-add them all.Brandenbrandenburg
I had my pointed eclipse to a symlink folder that pointed to the JDK. Removing and readding the true folders to Eclipse solved the issue for me.Quiescent
I had the same issue in Eclipse Luna on Windows 7, JDK 1.8.0_05; this fix worked, though I had to restart Eclipse afterward before it took effect.Semidome
Thanks man, it worked for me with Eclipse Luna, Windows XP, JDK 7 environment. But after that project could not resolve Maven Dependencies. Any idea about this kind of problem?Auscultate
Thanks Man, saved my day. i wonder why this is not marked as the answer of the question.Fixative
D
8

had a similar issue. Adding the classpath to the ext directory fixed it for me. This fix worked for me on windows 7 with java 1.6

java -Djava.ext.dirs=lib -classpath "%java_home%\lib\ext\*" myapp.jar
Dipper answered 22/2, 2012 at 16:8 Comment(2)
Thanks man; you saved my world! this has solved my problems too after a couple of hours of frustrationsDiagonal
I am facing the same issue. can you please take a look at my post?#19432551Gannie
R
3

I think we find the root cause so here is an answer of my own question.

  1. the Java system property "java.ext.dirs" in Mac OS X 10.5 is: /Library/Java/Extensions:/System/Library/Java/Extensions:/System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext. The sunjce_provider.jar should be in /System/Library/Frameworks/JavaVM.framework/Versions/1.6.0/Home/lib/ext but also be found in /Library/Java/Extensions/ in the problem mac.

  2. the sunjce_provider.jar in /Library/Java/Extensions/ belongs to Java Cryptography Extension(JCE) 1.2.2, which has been installed in the mac. JCE 1.2.2 is an optional package of J2SE 1.3.1 and may not includes enough libraries for J2SE 1.4 and later.

  3. the Java applcation works normally after all JCE 1.2.2 related jar files have been removed from /Library/Java/Extensions/.

Radmen answered 7/6, 2010 at 3:4 Comment(0)
A
1

It happened to me while launching the tomcat server from eclipse. I solved it by changing the configuration in Windows -> Preferences -> Java -> Installed JREs -> Edit. I had to update all the JRE system libraries with the corresponding jars from the folders in:

  • %JAVA_HOME%/jre/lib/ext
  • %JAVA_HOME%/jre/lib/

It seems that after the last update I have changed the JRE_Home but forgot those libraries.

enter image description here

Arron answered 16/9, 2015 at 15:54 Comment(0)
M
1

I also had this issue, noticed that the problem was in my Eclipse configuration.

Window > Preferences > Java > Installed JREs > jdk8_64bit > Edit...

The path of my sunjce_provider.jar was pointing to jdk8_64bit\lib\ext\sunjce.provider.jar. It should point to the JRE's equivalent in jdk8_64bit\jre\lib\ext\sunjce.provider.jar.

Malcom answered 3/6, 2016 at 13:2 Comment(0)
R
0

Had to spend almost a day on this while trying to use JavaMail in Eclipse Luna. Tried all approaches suggested in various forums, but no luck.

Digged into the complete flow and found the exception arising due to Class is on BootClassPath

from KeyAgreement.getInstance()->JceSecurity.canUseProvider()->JceSecurity.getVerificationResult()->JarVerifier.verify()

void verify() throws JarException, IOException { if (jarURL == null) { throw new JarException("Class is on the bootclasspath"); }.......

I removed sunjce_provider jar from \ext\ folder and can send mail now. This might not be right but atleast a quick workaround.

Refer Eclipse bug.

Reorganize answered 28/9, 2015 at 6:14 Comment(0)
A
0

I know, I am joining late here. But for me, this error came suddenly as soon as I changed the Preference -> Java -> Installed JREs -> Execution Environments as JavaSE-1.8 to jdk1.8 path. But it should be jre1.8 path.

I don't know why is it happening now. But It sorted the problem.

Artemisia answered 22/9, 2019 at 12:30 Comment(0)
T
0

Probable solution: Check if jdk path is set till C:\Program Files\Java\jdk1.8.0_171 but not including bin

Thoroughfare answered 26/4, 2020 at 14:4 Comment(0)
E
0

In my case, I got above same issue, after reading above solutions, I changed JRE Definition and Restore Default. It is working fine now. enter image description here

Eddo answered 2/1, 2022 at 10:21 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.