centos6.5 openjdk https/ssl兼容性错误ECKeyPairGenerator.generateKeyPair
2015-09-08 22:09
483 查看
阿里云centos6.5下使用新版openjdk7(OpenJDK 64-Bit Server VM (build 24.85-b03, mixed mode)) 会碰到一个比较无奈的问题, trust all https get请求在本地oracle jdk 或低些版本的openjdk都没问题, 放到阿里云就可能会报一下错, 本人案例是在微信OAUTH交换采访令牌环时报错.
Caused by: java.security.ProviderException: java.security.KeyException
at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:146)
at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:704)
at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:78)
at sun.security.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:714)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:278)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)
不是这个原因
http://bbs.aliyun.com/read/255711.html?fpage=3
类似的案例
http://jenkins-ci.361315.n4.nabble.com/Using-Java-1-7-and-SSL-self-signed-certs-td4755143.html https://bugs.launchpad.net/ubuntu/+source/openjdk-7/+bug/989240
ldd /usr/lib/jvm/lib/amd64/libsunec.so 依赖的是libnss, 先升级到最新好像就可以了.
也看了下${jre_home}/lib/security/java.security, 好像可以开启10
# the NSS security provider was not enabled for this build; it can be enabled
# if NSS (libnss3) is available on the machine. The nss.cfg file may need
# editing to reflect the location of the NSS installation.
#security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
oracle jdk应该测试稳定多些, 他可能尽量使用了静态库, 毕竟oracle jdk安装之后是比较大, 而openjdk似乎蛮多是动态库, 但是wget很难下载到oracle jdk, 将就用着吧
Caused by: java.security.ProviderException: java.security.KeyException
at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:146)
at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:704)
at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:78)
at sun.security.ssl.ClientHandshaker.serverKeyExchange(ClientHandshaker.java:714)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:278)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:913)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:849)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1035)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1344)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1371)
不是这个原因
http://bbs.aliyun.com/read/255711.html?fpage=3
类似的案例
http://jenkins-ci.361315.n4.nabble.com/Using-Java-1-7-and-SSL-self-signed-certs-td4755143.html https://bugs.launchpad.net/ubuntu/+source/openjdk-7/+bug/989240
ldd /usr/lib/jvm/lib/amd64/libsunec.so 依赖的是libnss, 先升级到最新好像就可以了.
也看了下${jre_home}/lib/security/java.security, 好像可以开启10
# the NSS security provider was not enabled for this build; it can be enabled
# if NSS (libnss3) is available on the machine. The nss.cfg file may need
# editing to reflect the location of the NSS installation.
#security.provider.10=sun.security.pkcs11.SunPKCS11 ${java.home}/lib/security/nss.cfg
oracle jdk应该测试稳定多些, 他可能尽量使用了静态库, 毕竟oracle jdk安装之后是比较大, 而openjdk似乎蛮多是动态库, 但是wget很难下载到oracle jdk, 将就用着吧
相关文章推荐
- HDU 5046 Airport (2014年上海赛区网络赛E题)
- 卷积神经网络(CNN)
- Kali Linux解决有线网络托管问题
- 网络常考
- java模拟http的Get/Post请求,并设置ip与port代理
- Linux系统--Linux网络管理与配置
- Java之-----------TCP编程(小练习大用处)
- HTTP 状态码
- TCP/IP各层协议、工作设备、网络地址划分总结 《TCP-IP详解卷1:协议》读书笔记一 概述(内附思维导图)
- Big Number(http://acm.hdu.edu.cn/showproblem.php?pid=1018)
- 第18章(四)TCP非正常关闭
- Linux 部分(tcp\ip)系统内核优化
- 第18章 (三)TCP非正常打开
- Linux网络属性配置管理及其相关命令
- Linux精品之NFS介绍与应用(双httpd + php-fpm + nfs + mysql 搭建discuz论坛)
- 第18章(二)TCP状态变迁图与2MSL等待状态
- SDWebImage\ASIHttpRequest是第三方库
- 第18章(一)TCP连接建立和终止的正常情况
- 第17章TCP 基本概念
- 使用事件驱动模型实现高效稳定的网络服务器程序