I'm trying to connect to Openshift from Eclipse Mars IDE.
I can very well login to my Openshift account on the web.... Also, going by the error message, I even created new private/public keys and retried connecting but still to no avail. Then I ran a JBossTools update, and tried again, yet no solution.
Here's the closest JBoss Tools BugTrack that I found related to my case, https://issues.jboss.org/browse/JBIDE-14760, but it turns out this is recorded as fixed since JBossTools 4.1.0, whereas I have 4.3.0 on both Mars and Luna
What's even more disturbing is the fact that I've previously been able to make this connection some time ago with Eclipse Luna, then I went back to Luna and tried again but still was unable to make the Openshift connection.
See screenshots of the error messages below;
Eclipse Mars (Error Screenshot below);
Eclipse Luna (Error Screenshot below);
And following is the StackTrace from the logs looks as follows:
!ENTRY org.jboss.tools.openshift.express.ui 4 4 2015-10-09 18:05:58.143
!MESSAGE Could not request https://openshift.redhat.com/broker/rest/api: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available
!STACK 0
com.openshift.client.OpenShiftEndpointException: Could not request https://openshift.redhat.com/broker/rest/api: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available
at com.openshift.internal.client.RestService.request(RestService.java:120)
at com.openshift.internal.client.RestService.request(RestService.java:92)
at com.openshift.internal.client.AbstractOpenShiftConnectionFactory.getConnection(AbstractOpenShiftConnectionFactory.java:36)
at com.openshift.client.OpenShiftConnectionFactory.getConnection(OpenShiftConnectionFactory.java:198)
at com.openshift.client.OpenShiftConnectionFactory.getConnection(OpenShiftConnectionFactory.java:158)
at com.openshift.client.OpenShiftConnectionFactory.getConnection(OpenShiftConnectionFactory.java:114)
at com.openshift.client.OpenShiftConnectionFactory.getConnection(OpenShiftConnectionFactory.java:103)
at org.jboss.tools.openshift.express.internal.core.connection.Connection.createUser(Connection.java:229)
at org.jboss.tools.openshift.express.internal.core.connection.Connection.connect(Connection.java:205)
at org.jboss.tools.openshift.express.internal.ui.wizard.connection.ConnectionWizardPageModel.connect(ConnectionWizardPageModel.java:247)
at org.jboss.tools.openshift.express.internal.ui.wizard.connection.ConnectionWizardPage$ConnectJob.run(ConnectionWizardPage.java:479)
at org.eclipse.core.internal.jobs.Worker.run(Worker.java:54)
Caused by: com.openshift.internal.client.httpclient.HttpClientException: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.createException(UrlConnectionHttpClient.java:201)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.request(UrlConnectionHttpClient.java:161)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.request(UrlConnectionHttpClient.java:140)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.get(UrlConnectionHttpClient.java:99)
at com.openshift.internal.client.RestService.request(RestService.java:160)
at com.openshift.internal.client.RestService.request(RestService.java:107)
... 11 more
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
at java.lang.reflect.Constructor.newInstance(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$10.run(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$10.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.net.www.protocol.http.HttpURLConnection.getChainedException(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at java.net.HttpURLConnection.getResponseCode(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(Unknown Source)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.createException(UrlConnectionHttpClient.java:184)
... 16 more
Caused by: javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: No X509TrustManager implementation available
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Unknown Source)
at com.openshift.internal.client.httpclient.UrlConnectionHttpClient.request(UrlConnectionHttpClient.java:157)
... 15 more
Caused by: java.security.cert.CertificateException: No X509TrustManager implementation available
at sun.security.ssl.DummyX509TrustManager.checkServerTrusted(Unknown Source)
... 29 more
Similar SO posts such as this have offered little or no concrete help either.
Thanks.
please make sure you use latest JDK version since older ones had issues with ssh after heartbleed.
if you see something else please report issue in https://jira.jboss.org/jira/browse/JBIDE
Ok here's what I did and afterwards I was able to establish the Openshift connection from Eclipse Mars
I suspect it was an outdated windows installer problem because all I did was just attempt to re-install my Eclipse Mars which i got from here
NOTE - in my previous installation, I did not notice the update option in the installer so I installed without updating. Well, I believe that copy did not contain the Bug Fixes that solved this particular problem
However, when I attempted to re-install, i noticed the update icon at the top right corner (see image below) so I first of all updated before continuing with the installation process. I guess this just downloaded and applied all the bug fixes before installing.
Afterwards, I tried to establish the OpenShift connection from within my Eclipse Mars IDE without changing anything (...when I say 'anything', I mean my public/private key pair), and Voila, the connection got established.
I hope this helps anyone who runs into this problem and bumps into this post.
Related
When using Java 8 update 162 and older in Internet Explorer, the applet loads and works as expected. When removing Java 8 update 162 and install Java 8 update 171 or 172, the applet errors with ClassNotFoundException referencing the class listed in the code attribute of the applet tag. I don't see any reason for this in the 171 or 172 release notes or the 171 or 172 bug fixes. I'm using Windows 10 Pro version 1709 build 16299.371. The applet is signed with a certificate that is trusted and still valid. There aren't any exceptions in the Exception Site List and adding an exception for this site (it worked fine without one on Java 8u162) still displays the exception. Using Java 8 update 162 and older is still working on another PC.
When clearing the Application cache in the Java configuration, the applet's JAR file doesn't appear again in the cache.
Are you aware of any changes in Java 8u171 or 172 that affect applets? Do you have any suggestions to resolve this?
Update 1: I'm aware that applets are deprecated in Java 9 and that applets don't work in Firefox and Chrome, but this is in Internet Explorer.
Update 2: I'm also aware that the 3DES Cipher Suites have been disabled in the update to 171 and 172, but the current digest algorithm is SHA-256 and the signature algorithm is SHA256withRSA with a 2048-bit key, which matches the signing certificate's signature algorithm and key. I've even tried signing the applet using Java 8 Update 172 without altering java.security to remove 3DES_EDE_CBC and using that version the ClassNotFoundException still persists as expected.
Update 3: When using Fiddler 4 or Charles as a proxy for Internet Explorer and capturing traffic between the server and the browser, the applet loads and works as expected. Both the Java SE Runtime Environment 8 Update 172 and Java Plug-in 11.172.2 Add-ons are set to Allow on all sites. When I clear the applet from the Resources cache using the Java Cache Viewer in the Java Control Panel, the applet doesn't download in the cache again without the proxy, but if I use a proxy again then it does download into the cache. My guess is that the proxy traffic is being treated as local and so has different permissions. Any other ideas or what permissions it could be?
Update 4: Enabling the debugging options in the Java Control Panel causes the full stack trace to show, where CODE_ATTRIBUTE_VALUE is the value I set on the code attribute of the applet tag. The applet's JAR file doesn't seem to be downloading even though I list it in the archive attribute.
java.lang.ClassNotFoundException: CODE_ATTRIBUTE_VALUE
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
The Java Console now also shows more details about the connection and I see the following which is the cause:
javax.net.ssl.SSLHandshakeException: Remote host closed connection during handshake
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.net.www.protocol.https.HttpsClient.afterConnect(Unknown Source)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Unknown Source)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.connect(Unknown Source)
at sun.plugin.PluginURLJarFileCallBack.connect(Unknown Source)
at sun.plugin.PluginURLJarFileCallBack.retrieve(Unknown Source)
at sun.net.www.protocol.jar.URLJarFile.retrieve(Unknown Source)
at sun.net.www.protocol.jar.URLJarFile.getJarFile(Unknown Source)
at sun.net.www.protocol.jar.JarFileFactory.get(Unknown Source)
at sun.net.www.protocol.jar.JarURLConnection.connect(Unknown Source)
at sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(Unknown Source)
at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFileInternal(Unknown Source)
at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$900(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$JarLoader.<init>(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)
at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.io.EOFException: SSL peer shut down incorrectly
at sun.security.ssl.InputRecord.read(Unknown Source)
... 40 more
Currently the applet is hosted on Windows Server 2003 using IIS. Moving it to Windows Server 2008 also using IIS causes that problem to go away. Mr. Laitinen was right the TLS connection was using 3DES_EDE_CBC.
JAVA_HOME\lib\security\java.security
Update 171 adds 3DES_EDE_CBC to the list of disabled algorithms (jdk.tls.disabledAlgorithms). Remove it and your applet will work again.
Faced the same issue and it comes down to Update 171 no longer supporting TLS 1.0.
Our webserver was old and only supported TLS 1.0 so the download of the Applet was failing and this could be seen in the Java Console, the connection was being closed.
Upgraded the webserver to support TLS 1.2 and it all works again.
I'm trying to run a java JNLP-based application.
It works fine from home : javac+javaws are the same v.1.8.?
Now I'm trying to run my application at work. I'm working behind a proxy and I used the Controlpanel to tell java to bypass the proxy for our local server hosting the JNLP.
On the server side, the aplication is compiled with
javac 1.7.0_60
On the client side, I'm trying to run it with:
$ javaws -version
Java(TM) Web Start 11.40.2.26-fcs
$ java -version
java version "1.8.0_40"
Nevertheless, I get the following exception in javaws
javax.net.ssl.SSLHandshakeException: com.sun.deploy.security.RevocationChecker$StatusUnknownException
at sun.security.ssl.Alerts.getSSLException(Alerts.java:192)
at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1937)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:302)
at sun.security.ssl.Handshaker.fatalSE(Handshaker.java:296)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1478)
at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:212)
at sun.security.ssl.Handshaker.processLoop(Handshaker.java:969)
at sun.security.ssl.Handshaker.process_record(Handshaker.java:904)
at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1050)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1363)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1391)
at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1375)
at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563)
at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream0(HttpURLConnection.java:1512)
at sun.net.www.protocol.http.HttpURLConnection.access$200(HttpURLConnection.java:90)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1432)
at sun.net.www.protocol.http.HttpURLConnection$9.run(HttpURLConnection.java:1430)
at java.security.AccessController.doPrivileged(Native Method)
at java.security.AccessController.doPrivileged(AccessController.java:713)
at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1429)
at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(HttpsURLConnectionImpl.java:254)
at com.sun.deploy.net.HttpUtils.followRedirects(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequestEX(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.checkUpdateAvailable(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.isUpdateAvailable(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.javaws.Launcher.updateFinalLaunchDesc(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.prepareToLaunch(Unknown Source)
at com.sun.javaws.Launcher.launch(Unknown Source)
at com.sun.javaws.Main.launchApp(Unknown Source)
at com.sun.javaws.Main.continueInSecureThread(Unknown Source)
at com.sun.javaws.Main.access$000(Unknown Source)
at com.sun.javaws.Main$1.run(Unknown Source)
at java.lang.Thread.run(Thread.java:745)
Caused by: com.sun.deploy.security.RevocationChecker$StatusUnknownException
at com.sun.deploy.security.RevocationChecker.checkCRLs(Unknown Source)
at com.sun.deploy.security.RevocationChecker.check(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.doRevocationCheck(Unknown Source)
at com.sun.deploy.security.RevocationCheckHelper.checkRevocationStatus(Unknown Source)
at com.sun.deploy.security.X509TrustManagerDelegate.checkTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManagerDelegate.checkServerTrusted(Unknown Source)
at com.sun.deploy.security.X509Extended7DeployTrustManager.checkServerTrusted(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(ClientHandshaker.java:1460)
... 33 more
I read https://community.oracle.com/thread/3651870?start=15&tstart=0
But I don't really understand what I should do.
For example, I've commented out <>/lib/security/java.security
#jdk.tls.disabledAlgorithms=SSLv3
but that still doesn't work. As I see a 'getInputStream' in the stacktrace, I wonder if javaws tries to download something outside the proxy ?
Any idea ?
EDIT: the JNLP works if,in the controlPanel, I check
Perform signed code: do not check (not recommended)
Perform TLS certificatie revocation: do not check (not recommended)
is this problem linked to my proxy server ?
Java certificate revocation checking uses one or both of these methods:
Certificate Revocations Lists (CRLs)
This method needs lists to be generated and published periodically by Certificate Authority (CA) to keep the it current.
Online Certificate Status Protocol (OCSP)
This method performs a real time certificate status check with CA making it more reliable and faster.
If your server certificate is self-signed, or your company has an internal CA, your JRE may not be able to complete the revocation check properly -- hence the "Unknown" status. If you want to run with revocation checking on (and usually you do), you will need certs signed by a CA that supports one or both of these methods.
It is also important to remember that there are potentially two certificates in play here:
The cert used to sign the JARs; and
The cert used to connect to the server
Both certs must be signed and valid (that is, not revoked) in order for the handshake to succeed.
I'm running a 3rd party app which fails with the following stacktrace when trying to create a SSL connection to a server:
The root exception is this:
Caused by: java.lang.SecurityException: Toolkit not encapsulated by a jar.
at com.rsa.jcm.f.hq.a(Unknown Source)
at com.rsa.jcm.f.jg.b(Unknown Source)
at com.rsa.crypto.jcm.ModuleLoader.a(Unknown Source)
at com.rsa.crypto.jcm.ModuleLoader.load(Unknown Source)
... 43 more
Has anyone seen this occur when connecting over SSL that uses RSA? I've worked the google and there isn't anything obvious as to why this would happen.
This particular error happens on a Mac, and I've got a windows version of the same app which works correctly. Main difference being they bundle the JRE in the windows version, so I checked various security policies etc but there are no great differences in the JRE on windows vs the JRE on my mac.
The full stacktrace looks like this:
Caused by: java.lang.Error: Problem loading module.
at com.rsa.cryptoj.o.ju.g(Unknown Source)
at com.rsa.cryptoj.o.ju.c(Unknown Source)
at com.rsa.cryptoj.o.gd.a(Unknown Source)
at com.rsa.cryptoj.o.dm.b(Unknown Source)
at com.rsa.cryptoj.o.dm.<clinit>(Unknown Source)
at com.rsa.cryptoj.o.me.newInstance(Unknown Source)
at javax.crypto.Cipher.chooseProvider(Cipher.java:845)
at javax.crypto.Cipher.init(Cipher.java:1348)
at sun.security.ssl.CipherBox.<init>(CipherBox.java:175)
at sun.security.ssl.CipherBox.newCipherBox(CipherBox.java:208)
at sun.security.ssl.CipherSuite$BulkCipher.newCipher(CipherSuite.java:467)
at sun.security.ssl.CipherSuite$BulkCipher.isAvailable(CipherSuite.java:507)
at sun.security.ssl.CipherSuite$BulkCipher.isAvailable(CipherSuite.java:485)
at sun.security.ssl.CipherSuite.isAvailable(CipherSuite.java:190)
at sun.security.ssl.SSLContextImpl.getApplicableCipherSuiteList(SSLContextImpl.java:342)
at sun.security.ssl.SSLContextImpl.getDefaultCipherSuiteList(SSLContextImpl.java:300)
at sun.security.ssl.SSLSocketImpl.init(SSLSocketImpl.java:576)
at sun.security.ssl.SSLSocketImpl.<init>(SSLSocketImpl.java:512)
at sun.security.ssl.SSLSocketFactoryImpl.createSocket(SSLSocketFactoryImpl.java:73)
at com.somevendor.client.common.spring.remoting.http.e.createSocket(Unknown Source)
at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
at org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.open(MultiThreadedHttpConnectionManager.java:1361)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:346)
at com.somevendor.client.common.spring.remoting.http.SecureHttpInvokerRequestExecutor.executePostMethod(Unknown Source)
at org.springframework.remoting.httpinvoker.CommonsHttpInvokerRequestExecutor.doExecuteRequest(CommonsHttpInvokerRequestExecutor.java:140)
at org.springframework.remoting.httpinvoker.AbstractHttpInvokerRequestExecutor.executeRequest(AbstractHttpInvokerRequestExecutor.java:136)
at org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.executeRequest(HttpInvokerClientInterceptor.java:192)
at org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.executeRequest(HttpInvokerClientInterceptor.java:174)
at org.springframework.remoting.httpinvoker.HttpInvokerClientInterceptor.invoke(HttpInvokerClientInterceptor.java:142)
... 7 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:601)
... 39 more
Caused by: java.lang.SecurityException: Toolkit not encapsulated by a jar.
at com.rsa.jcm.f.hq.a(Unknown Source)
at com.rsa.jcm.f.jg.b(Unknown Source)
at com.rsa.crypto.jcm.ModuleLoader.a(Unknown Source)
at com.rsa.crypto.jcm.ModuleLoader.load(Unknown Source)
... 43 more
Answering as I worked it out (5 years ago..). This exception happens when there is whitespace in the fully qualified path to the jar file that is been executed.
So this works:
/Users/stringy05/app/app.jar
But if you use a path with a space:
/Volumes/Macintosh HD/Users/stringy05/app/app.jar
Then it fails. When this originally happened I had a soft link in /Users/stringy05 to another hard disk, so either java or the OS was resolving the link path to the real path and it would fail.
After upgrading to Java 7, when launching remote jnlp, I see the following exception in the Java console:
java.security.KeyStoreException: WIExplorerMy not found
at java.security.KeyStore.getInstance(Unknown Source)
at com.sun.deploy.services.WPlatformService$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.services.WPlatformService.getBrowserClientAuthKeyStore(Unknown Source)
at sun.plugin2.applet.context.InitialJNLPExecutionContext.getBrowserClientAuthKeyStore(Unknown Source)
at sun.plugin2.main.client.DisconnectedExecutionContext.getBrowserClientAuthKeyStore(Unknown Source)
at sun.plugin2.applet.Applet2BrowserService.getBrowserClientAuthKeyStore(Unknown Source)
at com.sun.deploy.security.X509DeployKeyManager.<init>(Unknown Source)
at com.sun.deploy.net.protocol.https.Handler$Initializer$1.run(Unknown Source)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.deploy.net.protocol.https.Handler$Initializer.<clinit>(Unknown Source)
at com.sun.deploy.net.protocol.https.Handler.openConnection(Unknown Source)
at java.net.URL.openConnection(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.createUrlConnection(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doRequest(Unknown Source)
at com.sun.deploy.net.BasicHttpRequest.doGetRequestEX(Unknown Source)
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)
at com.sun.deploy.net.DownloadEngine.downloadResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.deploy.cache.ResourceProviderImpl.getResource(Unknown Source)
at com.sun.javaws.LaunchDownload$DownloadTask.call(Unknown Source)
at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.NoSuchAlgorithmException: WIExplorerMy KeyStore not available
at sun.security.jca.GetInstance.getInstance(Unknown Source)
at java.security.Security.getImpl(Unknown Source)
... 26 more
In addition the error screen saying "Error. Click for details" appears for about 2 seconds and disappears afterwards.
Other then that, everything seems to function normally.
With Java 6 everything works as expected.
Ideas how to fix it?
I think some of the latest Java 7 updates have obsoleted some encryption schemes, so that would be a completely normal exception to get if you were using one of these while using Java 6.
See this list of enhancements and changes for Java 7:
Weak cipher suites deprecated
Per RFC 4346, RFC 5246, and RFC 5469, some cipher suites have been made obsolete and should not be used. These obsolete suites are all disabled by default in SunJSSE. For details, consult the cipher suite lists in the documentation about the SunJSSE provider.
That being said, that would explain the NoSuchAlgorithmException, but the error message seems to mention something about a missing keystore, so this may be unrelated and we woud need you to provide a SSCCE or anything close enough to one.
I solved this problem by adding
security.provider.11=com.sun.deploy.security.MSCryptoProvider
to C:\Program Files\Java\jre1.8.0_31\lib\security\java.security
Although the error wasn't fatal for me, it is just the javaws trying to read the local browser key store before falling back to the java keystores that are managed by the control panel. Those files are in C:\Users\USERID\AppData\LocalLow\Sun\Java\Deployment\security
Interestingly there is a security provider that comes pre-wired into the java.security file, and it is
security.provider.10=sun.security.mscapi.SunMSCAPI
This provider can also read the browser keystore, but the store type is windows-my, and not WIExplorerMy
Tarlog, do you have any resolution found yet? I have the same problem, I am suspecting that the first problem with KeyStoreException exception only happens if you are trying secure connection. And that sinister "Error. Click for details" issue happens on any Applet loaded through an jnlp.
I could not find any resolution yet.
Edit: For the KeyStoreException I have realised that the problem occured due to apache certificate files were gone somehow. I have generated ceritificate files and restarted apache. The exception no longer occurs.
The other problem with Error window still exists.
With regard to the Error Click for details issue – I resolved this by adding a class to the source that implements javax.jnlp.DownloadServiceListener (can just be a dummy class) and then specifying that class in your jnlp file (applet-desc/#progress-class="YourClass")
Any fix to avoid this exception while starting WLDF Console? Thanks.
java.lang.ClassFormatError: Incompatible magic value 218762506 in class file com/bea/diagnostics/dashboard/ChartPanelApplet
at java.lang.ClassLoader.defineClass1(Native Method)
at java.lang.ClassLoader.defineClassCond(Unknown Source)
at java.lang.ClassLoader.defineClass(Unknown Source)
at java.security.SecureClassLoader.defineClass(Unknown Source)
at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
at java.lang.ClassLoader.loadClass(Unknown Source)
at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)
at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Exception: java.lang.ClassFormatError: Incompatible magic value 218762506 in class file com/bea/diagnostics/dashboard/ChartPanelApplet
There is an earlier Sun bug report on this issue, with JDK 1.4
you are mostly running JDK 1.6 but take a look at the bug report.
Short Summary (gleaned from this forum) :
The Java plug-in of your browser tries
to get some .class file from the
current location (your server) and
fails because your server returns some
custom 404 page. Let's try to check
the Java console to see what really is
requested. Please, run the Java
console, set the trace level to 5
(highest level).
Enable the Java console on Windows for IE browser and see if it gives a detail on which URL is giving the 404 or some other error.
Further Reading
Oracle forum question