Reputation: 475
My java application was able to connect to the third party application using https SSL connection when the endpoint URL had IP address in it. Now, when the IP address got changed to Hostname, I am getting “SSL handshake exception” . Apart from this there were no code update or any other changes done. Only change what was done is that the thiry party is using Hostname in the Endpoint URL , instead of IP address.
Earlier URL: https://10.0.0.1:5368/invoke/Upload.Accept/receiveReply Present URL: https://service.serviceprovider.com:5368/invoke/Upload.Accept/receiveReply
Any ideas what is causing this and how to fix it?
Please let me know if any more details is required.
Below is the stacktrace of the error:
javax.net.ssl.SSLHandshakeException: Could not generate secret
at sun.security.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:219)
at sun.security.ssl.ClientHandshaker.serverHelloDone(ClientHandshaker.java:1056)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:348)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1026)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:961)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1062)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1375)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1403)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1387)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:559)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(HttpsURLConnectionImpl.java:153)
at com.etsalat.adapter.sadad.PaymentLoadAdapter.run(PaymentLoadAdapter.java:130)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.security.NoSuchAlgorithmException: TlsPremasterSecret SecretKeyFactory not available
at javax.crypto.SecretKeyFactory.<init>(SecretKeyFactory.java:122)
at javax.crypto.SecretKeyFactory.getInstance(SecretKeyFactory.java:160)
at iaik.security.dh.DHKeyAgreement.engineGenerateSecret(Unknown Source)
at javax.crypto.KeyAgreement.generateSecret(KeyAgreement.java:648)
at sun.security.ssl.DHCrypt.getAgreedSecret(DHCrypt.java:217)
Upvotes: 0
Views: 6088
Reputation: 26
I had the same issue before.
The exception: "SecretKeyFactory not available" happens if the digital signature API you are using is not added to Java SDK your application use.
To add the API to Java SDK: 1. Navigate to the lib-signed folder and then copy API jar file (for example: iaik_jce.jar) to /jre/lib/ext. 2. Navigate to /jre/lib/security and then add the following to java.security security.provider.10=iaik.security.provider.IAIK Note: If the number '10' is being used by another entry, use the next available number.
for more information refer to: http://docs.oracle.com/cd/E61144_01/English/Install_and_Config/Automatic_Install_and_Config/helpmain.htm?toc.htm?89631.htm
Upvotes: 1