Hello, I am Mozilla-JSS as the provider in my Java application which is a SSL client connecting to OpenSSL based SSL Server.
I am using the cipher suite "TLS_RSA_WITH_AES_128_CBC_SHA" and we are using TLSv1.0 as the SSL protocol. I get this exception when I try to connect to the server. Server has a self signed RSA based certificate. What I thought was premaster secret key is generated by the Client and encrypt using the public key of the certificate so that Server will decrypt using its private key. Can some one tell me what I am missing here and what this exception means? javax.net.ssl.SSLKeyException: RSA premaster secret error at com.sun.net.ssl.internal.ssl.PreMasterSecret.<init> (PreMasterSecret.java:86) at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverHelloDone (ClientHandshaker.java:439) at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage (ClientHandshaker.java:132) at com.sun.net.ssl.internal.ssl.Handshaker.process_record (Handshaker.java:334) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord (SSLSocketImpl.java:805) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake (SSLSocketImpl.java:1046) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake (SSLSocketImpl.java:1059) at com.fhp.ems.main.TestSecurity_SSL.testSSL (TestSecurity_SSL.java:218) at com.fhp.ems.main.TestSecurity_SSL.main (TestSecurity_SSL.java:69) Caused by: java.security.InvalidKeyException: Invalid key type: org.mozilla.jss.pkcs11.PK11RSAPublicKey at org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.importKey (JSSCipherSpi.java:123) at org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineInit (JSSCipherSpi.java:161) at org.mozilla.jss.provider.javax.crypto.JSSCipherSpi.engineInit (JSSCipherSpi.java:270) at javax.crypto.Cipher.init(DashoA13*..) at com.sun.net.ssl.internal.ssl.JCE_RSACipher.encryptInit (RSACipher.java:76) at com.sun.net.ssl.internal.ssl.PreMasterSecret.<init> (PreMasterSecret.java:83) ... 8 more -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto