I want to specify th slImplementationName class name in tomcat(version 8) connector so that the default order in java.security is not considered for SSL handshake part.
From tomcat documentation:-
"The class name of the SSL implementation to use. If not specified,
the default of org.apache.tomcat.util.net.jsse.JSSEImplementation will
be used which wraps JVM's default JSSE provider. Note that the JVM can
be configured to use a different JSSE provider as the default"
But this does not specify the implementing class from java that can be used with this attribute.
While trying to start tomcat by chnaging the attribut i am getting exception:-
06-Jun-2016 12:05:15.639 SEVERE [main] org.apache.catalina.core.StandardService.initInternal Failed to initialize connector [Connector[HTTP/1.1-9443]]
org.apache.catalina.LifecycleException: Failed to initialize component [Connector[HTTP/1.1-9443]]
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:106)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:567)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:851)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
at org.apache.catalina.startup.Catalina.load(Catalina.java:576)
at org.apache.catalina.startup.Catalina.load(Catalina.java:599)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:310)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:484)
Caused by: org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:962)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:102)
... 12 more
Caused by: java.lang.ClassNotFoundException: Error loading SSL Implementation com.sun.security.sasl.Provider :java.lang.ClassCastException: com.sun.security.sasl.Provider cannot be cast to org.apache.tomcat.util.net.SSLImplementation
at org.apache.tomcat.util.net.SSLImplementation.getInstance(SSLImplementation.java:75)
at org.apache.coyote.http11.AbstractHttp11JsseProtocol.init(AbstractHttp11JsseProtocol.java:119)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:960)
... 13 more
I have tried using "com.sun.net.ssl.internal.ssl.Provider" and "com.sun.security.sasl.Provider", with no luck.
Any pointer will be very helpful.
The class of sslImplementationName must extend org.apache.tomcat.util.net.SSLImplementation. So Exception is thrown when you specify a class which does not satisfy this condition.
Since your intention is changing the default order of Cryptographic Service Provider. You should override security configuration per JVM instance. Make sure security.overridePropertiesFile=true in $JRE_HOME/lib/security/java.security.
Then modify Tomcat startup command and add system property:
-Djava.security.properties=_path_to_your_config_
For Java8, it could append or override the settings in $JRE_HOME/lib/security/java.security. For older version, it will completely override all settings.
Related
Recently I have downloaded JDK 11.0.2 & Tomcat 9.0.16 and set the environment variables, but whenever I am starting the tomcat it is showing the following exception in the console and http://localhost:8080/ is not accessible.
Please help.
06-Mar-2019 03:34:43.186 SEVERE [main] org.apache.catalina.util.LifecycleBase.handleSubClassException Failed to initialize component [Connector[HTTP/1.1-8080]] org.apache.catalina.LifecycleException: Protocol handler initialization failed
at org.apache.catalina.connector.Connector.initInternal(Connector.java:983)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardService.initInternal(StandardService.java:535)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.core.StandardServer.initInternal(StandardServer.java:1055)
at org.apache.catalina.util.LifecycleBase.init(LifecycleBase.java:136)
at org.apache.catalina.startup.Catalina.load(Catalina.java:589)
at org.apache.catalina.startup.Catalina.load(Catalina.java:612)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at java.base/jdk.internal.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at java.base/jdk.internal.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.base/java.lang.reflect.Method.invoke(Method.java:566)
at org.apache.catalina.startup.Bootstrap.load(Bootstrap.java:306)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:491)
Caused by: java.io.IOException: Unable to establish loopback connection
at java.base/sun.nio.ch.PipeImpl$Initializer.run(PipeImpl.java:94)
at java.base/sun.nio.ch.PipeImpl$Initializer.run(PipeImpl.java:61)
at java.base/java.security.AccessController.doPrivileged(Native Method)
at java.base/sun.nio.ch.PipeImpl.<init>(PipeImpl.java:171)
at java.base/sun.nio.ch.SelectorProviderImpl.openPipe(SelectorProviderImpl.java:50)
at java.base/java.nio.channels.Pipe.open(Pipe.java:155)
at java.base/sun.nio.ch.WindowsSelectorImpl.<init>(WindowsSelectorImpl.java:127)
at java.base/sun.nio.ch.WindowsSelectorProvider.openSelector(WindowsSelectorProvider.java:44)
at java.base/java.nio.channels.Selector.open(Selector.java:295)
at org.apache.tomcat.util.net.NioSelectorPool.getSharedSelector(NioSelectorPool.java:54)
at org.apache.tomcat.util.net.NioSelectorPool.close(NioSelectorPool.java:109)
at org.apache.tomcat.util.net.NioEndpoint.unbind(NioEndpoint.java:338)
at org.apache.tomcat.util.net.AbstractEndpoint.bindWithCleanup(AbstractEndpoint.java:1090)
at org.apache.tomcat.util.net.AbstractEndpoint.init(AbstractEndpoint.java:1098)
at org.apache.coyote.AbstractProtocol.init(AbstractProtocol.java:557)
at org.apache.coyote.http11.AbstractHttp11Protocol.init(AbstractHttp11Protocol.java:74)
at org.apache.catalina.connector.Connector.initInternal(Connector.java:980)
... 13 more
Caused by: java.net.ConnectException: Connection timed out: connect
at java.base/sun.nio.ch.Net.connect0(Native Method)
at java.base/sun.nio.ch.Net.connect(Net.java:482)
at java.base/sun.nio.ch.Net.connect(Net.java:474)
at java.base/sun.nio.ch.SocketChannelImpl.connect(SocketChannelImpl.java:694)
at java.base/java.nio.channels.SocketChannel.open(SocketChannel.java:194)
at java.base/sun.nio.ch.PipeImpl$Initializer$LoopbackConnector.run(PipeImpl.java:127)
at java.base/sun.nio.ch.PipeImpl$Initializer.run(PipeImpl.java:76)
... 29 more
I also tried with different connector ports but did not worked, but when i tried same thing with same configuration in another machine it worked without exception and localhost was accessible. Is there any problem with my machine.
This mistake means that your port is busy.
Stop Tomcat
Change the port number
Restart your app
Read more about the mistake here
I am trying to connect to an MBean Server on another machine with a ssl keystore but im seeing this error. I have a keystore and truststore on the other server as well. I also noticed that both machines have different java versions. Im not sure if thats the problem or if im missing something.
java.rmi.ConnectIOException: Exception creating connection to: 10.1.7.259; nested exception is:
java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:631)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:130)
at javax.management.remote.rmi.RMIServerImpl_Stub.newClient(Unknown Source)
at javax.management.remote.rmi.RMIConnector.getConnection(RMIConnector.java:2432)
at javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:308)
at javax.management.remote.JMXConnectorFactory.connect(JMXConnectorFactory.java:270)
at com.stop.monitor.giab.JMXListenerClient.connect(JMXListenerClient.java:153)
at com.stop.monitor.giab.JMXListenerClient.main(JMXListenerClient.java:72)
Caused by: java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
at javax.net.ssl.DefaultSSLSocketFactory.throwException(SSLSocketFactory.java:248)
at javax.net.ssl.DefaultSSLSocketFactory.createSocket(SSLSocketFactory.java:262)
at javax.rmi.ssl.SslRMIClientSocketFactory.createSocket(SslRMIClientSocketFactory.java:121)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
... 9 more
Caused by: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: sun.security.ssl.SSLContextImpl$DefaultSSLContext)
at java.security.Provider$Service.newInstance(Provider.java:1617)
at sun.security.jca.GetInstance.getInstance(GetInstance.java:236)
at sun.security.jca.GetInstance.getInstance(GetInstance.java:164)
at javax.net.ssl.SSLContext.getInstance(SSLContext.java:156)
at javax.net.ssl.SSLContext.getDefault(SSLContext.java:96)
at javax.net.ssl.SSLSocketFactory.getDefault(SSLSocketFactory.java:122)
at javax.rmi.ssl.SslRMIClientSocketFactory.getDefaultClientSocketFactory(SslRMIClientSocketFactory.java:207)
at javax.rmi.ssl.SslRMIClientSocketFactory.createSocket(SslRMIClientSocketFactory.java:117)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:613)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:216)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:202)
at sun.rmi.server.UnicastRef.newCall(UnicastRef.java:342)
at sun.rmi.transport.DGCImpl_Stub.dirty(Unknown Source)
at sun.rmi.transport.DGCClient$EndpointEntry.makeDirtyCall(DGCClient.java:361)
at sun.rmi.transport.DGCClient$EndpointEntry.registerRefs(DGCClient.java:303)
at sun.rmi.transport.DGCClient.registerRefs(DGCClient.java:139)
at sun.rmi.transport.ConnectionInputStream.registerRefs(ConnectionInputStream.java:94)
at sun.rmi.transport.StreamRemoteCall.releaseInputStream(StreamRemoteCall.java:157)
at sun.rmi.transport.StreamRemoteCall.done(StreamRemoteCall.java:313)
at sun.rmi.server.UnicastRef.done(UnicastRef.java:451)
at sun.rmi.registry.RegistryImpl_Stub.lookup(Unknown Source)
at com.sun.jndi.rmi.registry.RegistryContext.lookup(RegistryContext.java:118)
at com.sun.jndi.toolkit.url.GenericURLContext.lookup(GenericURLContext.java:205)
at javax.naming.InitialContext.lookup(InitialContext.java:417)
at javax.management.remote.rmi.RMIConnector.findRMIServerJNDI(RMIConnector.java:1957)
at javax.management.remote.rmi.RMIConnector.findRMIServer(RMIConnector.java:1924)
at javax.management.remote.rmi.RMIConnector.connect(RMIConnector.java:287)
... 3 more
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
at java.security.KeyStore.load(KeyStore.java:1445)
at sun.security.ssl.TrustManagerFactoryImpl.getCacertsKeyStore(TrustManagerFactoryImpl.java:226)
at sun.security.ssl.SSLContextImpl$DefaultSSLContext.getDefaultTrustManager(SSLContextImpl.java:767)
at sun.security.ssl.SSLContextImpl$DefaultSSLContext.<init>(SSLContextImpl.java:733)
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:62)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:422)
at java.security.Provider$Service.newInstance(Provider.java:1595)
... 29 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
... 39 more
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
from TrustManagerFactoryImpl
from SSLContextImpl$DefaultSSLContext.getDefaultTrustManager
Make sure your truststore is valid by doing keytool -list with password (don't hit return to bypass it). I don't think it's possible to create trustedcert entries in a JKS that are incompatible between Java versions (it is in some cases for privatekey entries) but to be on the safe side use the keytool of the JRE the problematic client uses -- and of course the same file.
Make sure system property javax.net.ssl.trustStore has the filename (if not the default, JRE/lib/security/[jsse]cacerts) and javax.net.ssl.trustStorePassword has the correct password (always).
Also if the truststore format is not JKS (or PKCS12 in a sufficiently recent Java 8 JRE with keystore.type.compat left at its default) specify javax.net.ssl.trustStoreType. But people who know how to create unusual stores like that don't ask questions like yours.
The Problem was an issue with the firewall. It was because the url used to connect did not specify the second port. So, it just used a random port.
//did not use second port. resulted in using random second port
String url = "service:jmx:rmi://somehost:9010/jndi/rmi://somehost/jmxrmi";
final JMXConnector jmxConnector = JMXConnectorFactory.connect(url);
//this worked because now we are using 1 port
String url="service:jmx:rmi://somehost:9010/jndi/rmi://somehost:9010/jmxrmi";
final JMXConnector jmxConnector = JMXConnectorFactory.connect(url);
I have installed gerrit on a Linux Mint machine, and I'm trying to use a mysql database connection for HTTP authentication.
But when I try to start gerrit, I get the following error:
ERROR com.google.gerrit.pgm.Daemon : Unable to start daemon
com.google.gerrit.common.Die: Cannot connect to SQL database
at com.google.gerrit.pgm.util.AbstractProgram.die(AbstractProgram.java:88)
at com.google.gerrit.pgm.util.SiteProgram.createDbInjector(SiteProgram.java:158)
at com.google.gerrit.pgm.Daemon.start(Daemon.java:275)
at com.google.gerrit.pgm.Daemon.run(Daemon.java:204)
at com.google.gerrit.pgm.util.AbstractProgram.main(AbstractProgram.java:64)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.google.gerrit.launcher.GerritLauncher.invokeProgram(GerritLauncher.java:166)
at com.google.gerrit.launcher.GerritLauncher.mainImpl(GerritLauncher.java:93)
at com.google.gerrit.launcher.GerritLauncher.main(GerritLauncher.java:50)
at Main.main(Main.java:25)
Caused by: java.sql.SQLException: Driver class com.mysql.jdbc.Driver not available
at com.google.gwtorm.jdbc.SimpleDataSource.loadDriver(SimpleDataSource.java:171)
at com.google.gwtorm.jdbc.SimpleDataSource.<init>(SimpleDataSource.java:85)
at com.google.gerrit.server.schema.DataSourceProvider.open(DataSourceProvider.java:144)
at com.google.gerrit.server.schema.DataSourceProvider.get(DataSourceProvider.java:65)
at com.google.gerrit.pgm.util.SiteLibraryBasedDataSourceProvider.get(SiteLibraryBasedDataSourceProvider.java:52)
at com.google.gerrit.pgm.util.SiteLibraryBasedDataSourceProvider.get(SiteLibraryBasedDataSourceProvider.java:32)
at com.google.inject.internal.ProviderInternalFactory.provision(ProviderInternalFactory.java:86)
at com.google.inject.internal.BoundProviderFactory.provision(BoundProviderFactory.java:73)
at com.google.inject.internal.ProviderInternalFactory.circularGet(ProviderInternalFactory.java:66)
at com.google.inject.internal.BoundProviderFactory.get(BoundProviderFactory.java:63)
at com.google.inject.internal.ProviderToInternalFactoryAdapter$1.call(ProviderToInternalFactoryAdapter.java:46)
at com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:1066)
at com.google.inject.internal.ProviderToInternalFactoryAdapter.get(ProviderToInternalFactoryAdapter.java:40)
at com.google.inject.Scopes$1$1.get(Scopes.java:65)
at com.google.inject.internal.InternalFactoryToProviderAdapter.get(InternalFactoryToProviderAdapter.java:41)
at com.google.inject.internal.InternalInjectorCreator$1.call(InternalInjectorCreator.java:205)
at com.google.inject.internal.InternalInjectorCreator$1.call(InternalInjectorCreator.java:199)
at com.google.inject.internal.InjectorImpl.callInContext(InjectorImpl.java:1059)
at com.google.inject.internal.InternalInjectorCreator.loadEagerSingletons(InternalInjectorCreator.java:199)
at com.google.inject.internal.InternalInjectorCreator.injectDynamically(InternalInjectorCreator.java:180)
at com.google.inject.internal.InternalInjectorCreator.build(InternalInjectorCreator.java:110)
at com.google.inject.Guice.createInjector(Guice.java:96)
at com.google.gerrit.pgm.util.SiteProgram.createDbInjector(SiteProgram.java:152)
... 11 more
Caused by: java.lang.ClassNotFoundException: com.mysql.jdbc.Driver
at java.net.URLClassLoader.findClass(URLClassLoader.java:381)
at java.lang.ClassLoader.loadClass(ClassLoader.java:424)
at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:348)
at com.google.gwtorm.jdbc.SimpleDataSource.loadDriver(SimpleDataSource.java:168)
... 33 more
I am copied mysql-connector-java-5.1.28.jar in /usr/share/java but still, this error persists.
Can somebody point me to a direction?
Better to leave /usr/share/java untouched. Anything you put there will be lost when you upgrade the next time. Instead, define your own common location for your drivers. If it is just for you, a subdirectory of your home location might be good: mkdir ~/jdbc.
Then copy your .jar for your jdbc driver in that location.
Then depending on how you run your java code, you will have to figure out how to include your jar's into your classpath.
standalone java program started with command-line java, then use the -cp parameter option.
Application Servers like Tomcat, or Weblogic, refer their documentation. Note that many suggest a drop location within the app server install, but for the same reasons as for the /usr/share/java, I would advise not to do so. Actually tomcat allows you to separate out CATALINA_HOME from CATALINA_BASE to solve that issue.
Either way, it appears that the exception was generated from a simple main, not a web app, so I assume you can go for the first option.
I have run into an issue after updating my JRE to 7u51. Prior to this, things were working fine.
I have a web application that runs on Tomcat and it uses the mozilla NSS libraries to achieve FIPS 140-2 compliance when using SSL/TLS. To do this, I had to change the default SunJSSE provider to my custom SunPKCS11-NSSFIPS provider.
Everything starts up fine. The server shows it is ready, but when I try to hit it from a web browser, I get a "The connection was interrupted" error.
Looking at the logs on the server, I see this:
Feb 09, 2014 3:00:16 AM org.apache.tomcat.util.net.NioEndpoint$SocketProcessor run
SEVERE:
java.lang.RuntimeException: Could not generate dummy secret
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1287)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:790)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:335)
at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:193)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1642)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
Caused by: java.lang.RuntimeException: Could not generate dummy secret
at sun.security.ssl.RSAClientKeyExchange.generatePreMasterSecret(RSAClientKeyExchange.java:281)
at sun.security.ssl.RSAClientKeyExchange.polishPreMasterSecretKey(RSAClientKeyExchange.java:245)
at sun.security.ssl.RSAClientKeyExchange.<init>(RSAClientKeyExchange.java:167)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:190)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:808)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:806)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1227)
at org.apache.tomcat.util.net.SecureNioChannel.tasks(SecureNioChannel.java:285)
at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:343)
... 5 more
Caused by: java.security.NoSuchAlgorithmException: no such algorithm: SunTls12RsaPremasterSecret for provider SunPKCS11-NSSFIPS
at sun.security.jca.GetInstance.getService(GetInstance.java:100)
at javax.crypto.JceSecurity.getInstance(JceSecurity.java:109)
at javax.crypto.KeyGenerator.getInstance(KeyGenerator.java:287)
at sun.security.ssl.JsseJce.getKeyGenerator(JsseJce.java:269)
at sun.security.ssl.RSAClientKeyExchange.generatePreMasterSecret(RSAClientKeyExchange.java:270)
... 15 more
I belive this is happening because the browser is trying to perform the handshake with TLSv1.2 but my security provider can't handle it. Is there a way to resolve this while still using my custom provider?
Immediately after that stack trace, there is another in the log file:
Feb 09, 2014 3:00:16 AM org.apache.tomcat.util.net.NioEndpoint$SocketProcessor run
SEVERE:
java.lang.RuntimeException: java.security.InvalidAlgorithmParameterException: init() failed
at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1287)
at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:513)
at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:790)
at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:758)
at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624)
at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:335)
at org.apache.tomcat.util.net.SecureNioChannel.handshake(SecureNioChannel.java:193)
at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1642)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:744)
Caused by: java.security.ProviderException: java.security.InvalidAlgorithmParameterException: init() failed
at sun.security.ssl.Handshaker.calculateMasterSecret(Handshaker.java:1064)
at sun.security.ssl.Handshaker.calculateKeys(Handshaker.java:999)
at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:234)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:868)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:808)
at sun.security.ssl.Handshaker$1.run(Handshaker.java:806)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1227)
at org.apache.tomcat.util.net.SecureNioChannel.tasks(SecureNioChannel.java:285)
at org.apache.tomcat.util.net.SecureNioChannel.handshakeUnwrap(SecureNioChannel.java:343)
... 5 more
Caused by: java.security.InvalidAlgorithmParameterException: init() failed
at sun.security.pkcs11.P11TlsMasterSecretGenerator.engineInit(P11TlsMasterSecretGenerator.java:89)
at javax.crypto.KeyGenerator.init(KeyGenerator.java:431)
at javax.crypto.KeyGenerator.init(KeyGenerator.java:414)
at sun.security.ssl.Handshaker.calculateMasterSecret(Handshaker.java:1052)
... 14 more
Caused by: java.security.InvalidKeyException: Could not create key
at sun.security.pkcs11.P11SecretKeyFactory.createKey(P11SecretKeyFactory.java:270)
at sun.security.pkcs11.P11SecretKeyFactory.convertKey(P11SecretKeyFactory.java:175)
at sun.security.pkcs11.P11SecretKeyFactory.convertKey(P11SecretKeyFactory.java:111)
at sun.security.pkcs11.P11TlsMasterSecretGenerator.engineInit(P11TlsMasterSecretGenerator.java:87)
... 17 more
Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_ATTRIBUTE_VALUE_INVALID
at sun.security.pkcs11.wrapper.PKCS11.C_CreateObject(Native Method)
at sun.security.pkcs11.P11SecretKeyFactory.createKey(P11SecretKeyFactory.java:265)
... 20 more
Any help will be appreciated.
If i am not wrong NSS donot support tls1.2 yet. So you shouldnot initialize the handshake for tls1.2. Some browsers have changed the default TLS version to 1.2. You have to change that to TLS 1.1 and try again.
I am trying to connect to a database using Facade. I am using Netbeans 7.3.1 JDK 1.7 and JAva EE 7.
There is a Enterprise Application, a client application couple of beans and a class library. I mostly used the insert code method in netbeans to create the connections. I get the following error:
java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
at org.glassfish.appclient.client.acc.AppClientContainer.launch(AppClientContainer.java:446)
at org.glassfish.appclient.client.AppClientFacade.launch(AppClientFacade.java:183)
atorg.glassfish.appclient.client.AppClientGroupFacade.main(AppClientGroupFacade.java:65)
Caused by: javax.ejb.EJBException
at com.sun.ejb.containers.EJBContainerTransactionManager.processSystemException(EJBContainerTransactionManager.java:748)
at com.sun.ejb.containers.EJBContainerTransactionManager.completeNewTx(EJBContainerTransactionManager.java:698)
at com.sun.ejb.containers.EJBContainerTransactionManager.postInvokeTx(EJBContainerTransactionManager.java:503)
at com.sun.ejb.containers.BaseContainer.postInvokeTx(BaseContainer.java:4475)
at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:2009)
at com.sun.ejb.containers.BaseContainer.postInvoke(BaseContainer.java:1979)
at com.sun.ejb.containers.EJBObjectInvocationHandler.invoke(EJBObjectInvocationHandler.java:212)
at com.sun.ejb.containers.EJBObjectInvocationHandlerDelegate.invoke(EJBObjectInvocationHandlerDelegate.java:79)
at com.sun.proxy.$Proxy299.count(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
And
Caused by: java.lang.IllegalArgumentException: No [EntityType] was found for the key class [com.javaee.test.db.Questions] in the Metamodel - please verify that the [Entity] class was referenced in persistence.xml using a specific <class>com.javaee.test.db.Questions</class> property or a global <exclude-unlisted-classes>false</exclude-unlisted-classes> element.
at org.eclipse.persistence.internal.jpa.metamodel.MetamodelImpl.entityEmbeddableManagedTypeNotFound(MetamodelImpl.java:173)
at org.eclipse.persistence.internal.jpa.metamodel.MetamodelImpl.entity(MetamodelImpl.java:193)
at org.eclipse.persistence.internal.jpa.querydef.CommonAbstractCriteriaImpl.internalFrom(CommonAbstractCriteriaImpl.java:114)
at org.eclipse.persistence.internal.jpa.querydef.AbstractQueryImpl.from(AbstractQueryImpl.java:246)
I am not sure where exactly the problem might be so i didn't post any of the code. If you have a hint I can put down the code.
I had the same error last night. I think we are taking the same class! To fix it expand the ejb project -> Configuration Files -> persistence.xml
Under General, there is a checked checkbox "Include All Entity Classes in _ Module". I unchecked the box and then added each class manually. That took care of the exception. Hope this helps.