Java NoClassDefFoundError With SSL Connection

Question

We have an application that uses a JAX-RPC client library and is running on a legacy version of Java (1.4.2) and are receiving the following SSL error:

java.lang.NoClassDefFoundError
    javax.crypto.Cipher.a(DashoA6275)
    javax.crypto.Cipher.getInstance(DashoA6275)
    com.sun.net.ssl.internal.ssl.SunJSSE_i.a(DashoA12275)
    com.sun.net.ssl.internal.ssl.CipherBox$JCECipherBox.<init>(DashoA12275)
    com.sun.net.ssl.internal.ssl.CipherRC4.a(DashoA12275)
    com.sun.net.ssl.internal.ssl.SunJSSE_h.a(DashoA12275)
    com.sun.net.ssl.internal.ssl.CipherSuite$BulkCipher.a(DashoA12275)
    com.sun.net.ssl.internal.ssl.SunJSSE_ax.c(DashoA12275)
    com.sun.net.ssl.internal.ssl.SSLSocketImpl.f(DashoA12275)
    com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
    com.sun.net.ssl.internal.ssl.SunJSSE_az.j(DashoA12275)
    com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
    com.sun.net.ssl.internal.ssl.SunJSSE_az.a(DashoA12275)
    com.sun.net.ssl.internal.ssl.SunJSSE_ax.a(DashoA12275)
    com.sun.net.ssl.internal.ssl.SSLSocketImpl.a(DashoA12275)
    com.sun.net.ssl.internal.ssl.SSLSocketImpl.j(DashoA12275)
    com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(DashoA12275)
    sun.net.www.protocol.https.HttpsClient.afterConnect(DashoA12275)
    sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(DashoA12275)
    sun.net.www.protocol.http.HttpURLConnection.getOutputStream(HttpURLConnection.java:569)
    sun.net.www.protocol.https.HttpsURLConnectionImpl.getOutputStream(DashoA12275)
    com.sun.xml.rpc.client.http.HttpClientTransport.writeMessageToConnection(HttpClientTransport.java:278)
    com.sun.xml.rpc.client.http.HttpClientTransport.invoke(HttpClientTransport.java:64)
    com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:69)
    [ ... trace continues into internal application code ... ]

This has worked for us before and the only changes to the client library are ones related to the authentication protocol used and required an update to the latest build of BouncyCastle. These changes were all at a higher level than the SSL protocol and this error appears to not even involve BouncyCastle.

Has anyone seen an error like this before and perhaps have any thoughts or suggestions? I tried adding the certificate to cacerts. This works fine if run against Java 1.6 however unfortunately the production system running this is still tied to Java 1.4 for the time being.

Also, our JAX-RPC code, and the authentication it does works correctly if we connect to our development systems without SSL.

[edit - additional information] I can now see that there is some conflict happening with the newer versions of BouncyCastle to cause the issue. I've tried using the ancient (1.18) version and I seem to not get the SSL error, but instead get one from our application because it requires newer algorithms.

Answer 1

So, after a lot of research I finally discovered that deep in our code we inserted the BC provider as provider number 1.

Security.insertProviderAt(prov, 1);

Instead of doing that changing to just adding the provider fixed the issue.

Security.addProvider(prov);