btw: the reason it stopped working with openssl1.0 is, that openssl0.9.8 did
only send these ciphers:
DHE-RSA-AES256-SHA:DHE-DSS-AES256-SHA:AES256-SHA:EDH-RSA-DES-CBC3-SHA:EDH-DSS-DES-CBC3-SHA:DES-CBC3-SHA:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA:AES128-SHA:RC4-SHA:RC4-MD5:EDH-RSA-DES-CBC-SHA:EDH-DSS
yes. I've updated my suggestion above. Please comment out the line like
this:
#security.provider.10=sun.security.pkcs11.SunPKCS11
${java.home}/lib/security/nss.cfg
This completely disables Elliptic Curves so another method is chosen. It
seems SunEC is not available in iced tea builds currently.
Hm. Now I get a java.lang.ClassNotFoundException: sun.security.ec.SunEC
even on openjdk7. I was sure this worked before.
It seems the SunEC provider was added in jdk7, so no way to get this to work in
jdk6, but it should work on openjdk7 at least.
http://docs.oracle.com/javase/7/docs/technotes/gu
hm. This worked on ubuntu 12.04, but not on 10.04 with openjdk-
6_6b20-1.9.13 *sigh*
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1006776
Title:
openjdk-6-jdk ssl negotiation incompatibility
To ma
*Ouch*
I just realized that it is sufficient to modify
/etc/java-6-openjdk/security/java.security so it uses the sun Elliptic
Curve impelementation wich is also included in openjdk.
Just change the line
security.provider.9=sun.security.pkcs11.SunPKCS11
${java.home}/lib/security/nss.cfg
to
securi
see also
https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1006776
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/989240
Title:
severe openjdk-7-jre ssl negotiation incompatibility (fixed upst
Out of curiosity I've further examined the problem. Here my results.
It seems that the used libnss3 only supports these 3 elliptic curves:
secp256r1 secp384r1 and secp521r1
(See source package for libnss3 on ubuntu 12.04
openjdk-6-src/nss-3.13.1.with.ckbi.1.88/mozilla/security/nss/freebl/ec
Same as https://bugs.launchpad.net/ubuntu/+source/openjdk-7/+bug/989240
sun.security.pkcs11.wrapper.PKCS11Exception of CKR_DOMAIN_PARAMS_INVALID
while creating private
// Called by ServerHandshaker for ephemeral ECDH
ECDHCrypt(String curveName, SecureRandom random) {
try {
Same problem exists in openjdk-7u3-2.1.1
** Project changed: openjdk => openjdk-7 (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1006776
Title:
openjdk-6-jdk ssl negotiation incompatibility
** Also affects: openjdk
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1006776
Title:
openjdk-6-jdk ssl negotiation incompatibility
To manage notificatio
10 matches
Mail list logo