Project

General

Profile

Story #8101

Openjdk 1.7.0_131 upgrade breaks d1_libclient_java

Added by Jing Tao over 7 years ago. Updated almost 7 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Category:
Support Operations
Target version:
Start date:
2017-05-25
Due date:
% Done:

100%

Story Points:
Sprint:

Description

I had a piece of java client code which talked with CNs and it worked. However, it stopped working on the second day. I didn't change anything in my code. The error message was the cn list hasn't been initialized.
I turned on the ssl debug and saw the error message:
[junit] main, handling exception: java.security.ProviderException: java.security.InvalidKeyException: EC parameters error
[junit] %% Invalidated: [Session-1, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA]
[junit] main, SEND TLSv1.2 ALERT: fatal, description = internal_error
[junit] main, WRITE: TLSv1.2 Alert, length = 2
[junit] [Raw write]: length = 7
[junit] 0000: 15 03 03 00 02 02 50 ......P
[junit] main, called closeSocket()
[junit] @build.context@ 20170519-11:52:15: [DEBUG]: http-outgoing-0: Shutdown connection

It wasn't very helpful.

I also wrote a simple version of the client code. It seems the d1_libclient_java couldn't talk with any server. But this time the error message made more sense:
[junit] Caused by: java.security.InvalidKeyException: EC parameters error
[junit] at sun.security.ec.ECParameters.getAlgorithmParameters(ECParameters.java:284)
[junit] at sun.security.ec.ECPublicKeyImpl.(ECPublicKeyImpl.java:59)
[junit] at sun.security.pkcs11.P11Key$P11ECPublicKey.getEncodedInternal(P11Key.java:1021)
[junit] ... 52 more
[junit] Caused by: java.security.NoSuchProviderException: no such provider: SunEC
[junit] at sun.security.jca.GetInstance.getService(GetInstance.java:83)
[junit] at sun.security.jca.GetInstance.getInstance(GetInstance.java:206)
[junit] at java.security.Security.getImpl(Security.java:697)
[junit] at java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:199)
[junit] at sun.security.ec.ECParameters.getAlgorithmParameters(ECParameters.java:279)
[junit] ... 54 more

History

#1 Updated by Jing Tao over 7 years ago

  • Status changed from New to In Progress
  • % Done changed from 0 to 30

After search online, I found this is caused by the missing of the sunec.jar file. It is weird that previous versions don't need it (it doesn't exist in the previous version) but the 131 version needs this jar file.

I copied the sunec.jar from the oracle jdk 1.7.0_80/jre/lib/ext to the openjdk-7/jre/lib/ext. The error is gone.

I have done the copy on member nodes on dev, sandbox and production env. I need to do more.

#2 Updated by Dave Vieglais over 7 years ago

  • Target version set to CCI-2.3.6

#3 Updated by Jing Tao about 7 years ago

  • Target version changed from CCI-2.3.6 to CCI-2.3.7

#4 Updated by Dave Vieglais about 7 years ago

  • Status changed from In Progress to Closed
  • % Done changed from 30 to 100

#5 Updated by Dave Vieglais almost 7 years ago

  • Sprint set to CCI-2.3.7

Also available in: Atom PDF

Add picture from clipboard (Maximum size: 14.8 MB)