Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Is Java SSL broken in OpenJDK on Ubuntu?

Tags:

java

ssl

ubuntu

openjdk

I am on a fresh install of Ubuntu having just installed OpenJDK:

OpenJDK 64-Bit Server VM (build 19.0-b09, mixed mode) on Ubuntu 64 bit 10.10

Not sure if this is relevant, but I'm running it from within VMWare Fusion.

The following line:

javax.net.SSLContext.getDefault(); // same as getInstance("Default")

throws the following exception:

java.net.SocketException: java.security.NoSuchAlgorithmException: Default SSLContext not available

My colleagues and I have tried this on several machines, all fresh installs of Ubuntu, and keep getting this. I was advised to try getInstance("TLSv1"), but this threw the same error. Seems like something really fundamental to not be working so I figure we must be doing something wrong.

like image 842
Francisco Ryan Tolmasky I Avatar asked Jan 09 '11 20:01

Francisco Ryan Tolmasky I

2 Answers

guido's answer pointed me in the right direction. It's just a matter of doing:

sudo apt-get install libbcprov-java
like image 120
Paul Baumgart Avatar answered Sep 29 '22 17:09

Paul Baumgart

openjdk shipped with ubuntu may be missing a JCE provider; download the bouncycastle crypto api from http://www.bouncycastle.org/ (its an open source project implementing JCE) and put it in your project classpath.

Then in your class refer to the following sample code:

static {
    Security.addProvider( new BouncyCastleProvider() );
}

public SSLSocket getSSLSocket() {

    // Load the Keystore
    KeyStore ks = KeyStore.getInstance(keystoreType);
    ks.load(new FileInputStream(this.keyStorePath),this.keyStorePass.toCharArray());

    // Get a KeyManager and initialize it 
    KeyManagerFactory kmf = KeyManagerFactory.getInstance("sunx509");
    kmf.init(ks, this.keyStorePass.toCharArray());

    // Get a TrustManagerFactory and init with KeyStore
    TrustManagerFactory tmf = TrustManagerFactory.getInstance("sunx509");
    tmf.init(ks);

    // Get the SSLContext to help create SSLSocketFactory
    SSLContext sslc = SSLContext.getInstance("TLS");
    sslc.init(kmf.getKeyManagers(), null, null);

    // Get SSLSocketFactory and get a SSLSocket
    SSLSocketFactory sslsf = sslc.getSocketFactory();
    SSLSocket socket = (SSLSocket) sslsf.createSocket(host, port);
    return socket;
}
like image 21
guido Avatar answered Sep 29 '22 17:09

guido
Sign in to Comment

Related questions

How to securely store a PrivateKey in code [duplicate]
EJB3 - obtaining bean via injection vs lookup - what are the differences, implications, gotchas?
Detecting self crossing in closed Bezier curves
How to debug Java Web Start applications?
Java collections that spool to disk
Java - Difference between SwingWorker and SwingUtilities.invokeLater()
Calling Java vararg method from Scala with primitives
Suggestions for a java Mock File (to mock java.io.File)
Get declared methods in order they appear in source code
WebKit browser in Java app on multiple platforms
The various options for solving PermGen problems
Problems with generating sql via eclipseLink - missing separator
How 'expensive' is it to execute jstack on a running JVM?
Using JAXB to pass subclass instances as superclass
Programmatical approach in Java for file comparison
Could ByteBuffer implement DataOutput/DataInput?
Converting a List<String> to a List<Integer> (or any class that extends Number)
Are there libraries similar to the Three20 Project for Android?
A simple java SOAP client
hadoop map reduce job with HDFS input and HBASE output

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!