+1 Norman Am Mittwoch, den 18.07.2007, 14:33 -0700 schrieb Stefano Bagnara (JIRA): > [ > https://issues.apache.org/jira/browse/JAMES-782?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12513725 > ] > > Stefano Bagnara commented on JAMES-782: > --------------------------------------- > > Well, in fact I read it in the docs :-) > > Directly from our config.xml: > <!-- In order to use the ssl factory under Java 1.5 and support all > Clients --> > <!-- (particularly Mozilla Thunderbird) you need to install the Sun JCE --> > <!-- provider in your environment (james/lib) --> > <!-- e.g: jre/lib/ext/sunjce_provider.jar --> > > Maybe this should be extended to Java 6 and added also to FAQ, if you want. > > > Add docs howto use SSL with JAVA6 [ was: SSL support not work with JAVA6] > > ------------------------------------------------------------------------- > > > > Key: JAMES-782 > > URL: https://issues.apache.org/jira/browse/JAMES-782 > > Project: James > > Issue Type: Task > > Affects Versions: 2.2.0, 2.3.0, 2.3.1, Next Minor, Next Major, Trunk > > Reporter: Norman Maurer > > > > From ML: > > Hi all, > > I'm running a build of svn trunk on java6 and I'm experiencing some > > security related errors. > > My colleague running james 2.2 on java 6 is also experiencing security > > related issues with the same Exceptions. > > in the pop3serevr log I get: > > 18/12/06 10:27:14 ERROR pop3server-tls: Exception handling socket to > > 58-186-74-xxx-dynamic.hcm.fpt.vn. (58.186.74.5) : Connection has been > > shutdown: javax.net.ssl.SSLExcepti > > on: java.lang.RuntimeException: Could not generate dummy secret > > javax.net.ssl.SSLException: Connection has been shutdown: > > javax.net.ssl.SSLException: java.lang.RuntimeException: Could not > > generate dummy secret > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1172) > > at > > com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65) > > at java.io.BufferedInputStream.fill(BufferedInputStream.java:218) > > at java.io.BufferedInputStream.read(BufferedInputStream.java:237) > > at > > org.apache.james.util.CRLFTerminatedReader.read(CRLFTerminatedReader.java:158) > > at > > org.apache.james.util.CRLFTerminatedReader.readLine(CRLFTerminatedReader.java:115) > > at > > org.apache.james.pop3server.POP3Handler.readCommandLine(POP3Handler.java:316) > > at > > org.apache.james.pop3server.POP3Handler.handleProtocol(POP3Handler.java:211) > > at > > org.apache.james.core.AbstractJamesHandler.handleConnection(AbstractJamesHandler.java:259) > > at > > org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:468) > > at > > org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55) > > at > > org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116) > > Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: > > Could not generate dummy secret > > at > > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1487) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1470) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1396) > > at > > com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64) > > at > > java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65) > > at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123) > > at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278) > > at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122) > > at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212) > > at java.io.BufferedWriter.flush(BufferedWriter.java:236) > > at java.io.PrintWriter.flush(PrintWriter.java:276) > > at > > org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:94) > > at > > org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:191) > > at > > org.apache.james.core.AbstractJamesHandler.writeLoggedFlushedResponse(AbstractJamesHandler.java:399) > > at > > org.apache.james.pop3server.POP3Handler.handleProtocol(POP3Handler.java:188) > > ... 4 more > > Caused by: java.lang.RuntimeException: Could not generate dummy secret > > at > > com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.generateDummySecret(RSAClientKeyExchange.java:158) > > at > > com.sun.net.ssl.internal.ssl.Handshaker.calculateMasterSecret(Handshaker.java:680) > > at > > com.sun.net.ssl.internal.ssl.Handshaker.calculateKeys(Handshaker.java:631) > > at > > com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:204) > > at > > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511) > > at > > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1029) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:621) > > at > > com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59) > > ... 15 more > > Caused by: java.security.NoSuchAlgorithmException: > > SunTlsRsaPremasterSecret KeyGenerator not available > > at javax.crypto.KeyGenerator.<init>(DashoA13*..) > > at javax.crypto.KeyGenerator.getInstance(DashoA13*..) > > at > > com.sun.net.ssl.internal.ssl.JsseJce.getKeyGenerator(JsseJce.java:223) > > at > > com.sun.net.ssl.internal.ssl.RSAClientKeyExchange.generateDummySecret(RSAClientKeyExchange.java:152) > > ... 24 more > > and in the smtpserver log i get > > 18/12/06 11:20:04 ERROR smtpserver-tls: Exception handling socket to > > 58-186-74-xxx-dynamic.hcm.fpt.vn. (58.186.74.5) : Connection has been > > shutdown: javax.net.ssl.SSLExcepti > > on: java.lang.RuntimeException: Could not generate secret > > javax.net.ssl.SSLException: Connection has been shutdown: > > javax.net.ssl.SSLException: java.lang.RuntimeException: Could not > > generate secret > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.checkEOF(SSLSocketImpl.java:1172) > > at > > com.sun.net.ssl.internal.ssl.AppInputStream.read(AppInputStream.java:65) > > at java.io.BufferedInputStream.fill(BufferedInputStream.java:218) > > at java.io.BufferedInputStream.read(BufferedInputStream.java:237) > > at > > org.apache.james.util.CRLFTerminatedReader.read(CRLFTerminatedReader.java:158) > > at > > org.apache.james.util.CRLFTerminatedReader.readLine(CRLFTerminatedReader.java:115) > > at > > org.apache.james.smtpserver.SMTPHandler.readCommandLine(SMTPHandler.java:503) > > at > > org.apache.james.smtpserver.SMTPHandler.handleProtocol(SMTPHandler.java:254) > > at > > org.apache.james.core.AbstractJamesHandler.handleConnection(AbstractJamesHandler.java:259) > > at > > org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:468) > > at > > org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55) > > at > > org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116) > > Caused by: javax.net.ssl.SSLException: java.lang.RuntimeException: > > Could not generate secret > > at > > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:190) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1520) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1487) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1470) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1396) > > at > > com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:64) > > at > > java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65) > > at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123) > > at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278) > > at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122) > > at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212) > > at java.io.BufferedWriter.flush(BufferedWriter.java:236) > > at java.io.PrintWriter.flush(PrintWriter.java:276) > > at > > org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:94) > > at > > org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:191) > > at > > org.apache.james.core.AbstractJamesHandler.writeLoggedFlushedResponse(AbstractJamesHandler.java:399) > > at > > org.apache.james.smtpserver.SMTPHandler.handleProtocol(SMTPHandler.java:207) > > ... 4 more > > Caused by: java.lang.RuntimeException: Could not generate secret > > at > > com.sun.net.ssl.internal.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:168) > > at > > com.sun.net.ssl.internal.ssl.ServerHandshaker.clientKeyExchange(ServerHandshaker.java:981) > > at > > com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:184) > > at > > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:511) > > at > > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:449) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:817) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1029) > > at > > com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:621) > > at > > com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59) > > ... 15 more > > Caused by: java.security.NoSuchAlgorithmException: Unsupported secret > > key algorithm: TlsPremasterSecret > > at > > com.sun.crypto.provider.DHKeyAgreement.engineGenerateSecret(DashoA6275) > > at javax.crypto.KeyAgreement.generateSecret(DashoA13*..) > > at > > com.sun.net.ssl.internal.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:166) > > ... 23 more > > This looks like it could be a problem associated with a move from > > java5 to java6, but I'm not sure how to fix it. > > Any help from you guys would be appreciated. > > Thanks, > > Kev >
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
