SSL connection problems


General J2EE: SSL connection problems

  1. SSL connection problems (3 messages)

    I'm trying to execute a Post request using HTTPS. To achieve that I'm using commons-httpclient v.3.0rc1 and a custom SSLSocketProtocolSocketFactory that can work with untrusted self-signed certificates.

    My code works on Windows 2000 Pro, but it fails on Linux (Suse Linux 8.2). However I'm using JDK 1.4.2 both in Windows and LInux, with the same list of security providers set at $JAVA_HOME/jre/lib/security/ file.

    I've heard about problems with security when upgrading form JDK 1.4.x to JDK 1.5, but it's not the case.

    Any idea about this?

    This is the exception I get when I run my code on Linux:

    Caused by: RSA premaster secret error
    at<init>( 86)
    at java:514)
    at ava:160)
    at org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConne
    at org.apache.commons.httpclient.HttpMethodBase.writeRequest( 920)
    at org.apache.commons.httpclient.HttpMethodBase.execute(
    at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDir
    at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirect
    at org.apache.commons.httpclient.HttpClient.executeMethod(
    at org.apache.commons.httpclient.HttpClient.executeMethod(
    at )
    ... 6 more
    Caused by: Cannot find any provider supporting RSA/ECB/PKCS1Padding
    at javax.crypto.Cipher.getInstance(DashoA12275)
    at<init>( 82)
    ... 24 more

    Threaded Messages (3)

  2. SSL connection problems[ Go to top ]

    I've read in other forums that server and client running on same machine can cause problems using SSL. Is that real? My server run always on Linux and client is installed in Windows (a second machine) and Linux (server machine). Could it happen even when server uses JDK 1.5 and client uses JDK 1.4.2? May JDK version conflicts appear?
  3. Any solution for this issue?[ Go to top ]

    We are facing the same issue. One workaround is that when we upgrade the jce policy jars (at /jre/lib/security) to export strength policy jars, the issue goes away.. but we do not want this upgrade. Any other feasible solution? Karthikeyan PK
  4. have a look at https ://

    (sorry for mutilating this URL, but this forum refuses simple urls :( )