Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Java and SSL - java.security.NoSuchAlgorithmException

Tags:

java

security

ssl

I've built a Java program as a front end for a database on a server, and I'm trying to use SSL to encrypt traffic between clients and the server. Here is the command I issued to create the server certificate:

keytool -genkey -alias localhost -keyalg RSA -keypass kpass123 -storepass kpass123 -keystore keystore.jks 

Here is the relevant code:

System.setProperty("javax.net.ssl.keyStore",                    "G:/Data/Android_Project/keystore.jks");  System.setProperty("javax.net.ssl.keyPassword", "kpass123");  SSLServerSocketFactory factory =      (SSLServerSocketFactory)SSLServerSocketFactory.getDefault();  SSLServerSocket accessSocket =      (SSLServerSocket)factory.createServerSocket(DB_ACCESS_PORT); 

When I try to run this, I catch this:

java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)

I've also found that the "KeyPairGenerator" service has algorithms DIFFIEHELLMAN, DSA, RSA available to it, while "SSLContext" has algorithms SSL, TLS, SSLV3, DEFAULT, TLSV1.

Do I need to find some way to install RSA into the SSLContext service? Am I even looking at the correct services? Should I not be using RSA?

I'm new to the whole SSL - Security - Certificates thing, and it just blows me away that each of these different services don't have the same algorithms when they are supposed to be accessing the same certificates.

like image 288
Zarjio Avatar asked Jun 15 '11 22:06

Zarjio


People also ask

What is SSL Java?

Simply put, the Secured Socket Layer (SSL) enables a secured connection between two parties, usually clients and servers. SSL provisions a secure channel between two devices operating over a network connection. One usual example for SSL is to enable secure communications between web browsers and web servers.

What is no such algorithm exception?

public NoSuchAlgorithmException(String msg) Constructs a NoSuchAlgorithmException with the specified detail message. A detail message is a String that describes this particular exception, which may, for example, specify which algorithm is not available.

What is Djavax net SSL trustStore?

-Djavax. net. ssl. trustStore specifies the truststore file to use to validate client certificates.


1 Answers

Try javax.net.ssl.keyStorePassword instead of javax.net.ssl.keyPassword: the latter isn't mentioned in the JSSE ref guide.

The algorithms you mention should be there by default using the default security providers. NoSuchAlgorithmExceptions are often cause by other underlying exceptions (file not found, wrong password, wrong keystore type, ...). It's useful to look at the full stack trace.

You could also use -Djavax.net.debug=ssl, or at least -Djavax.net.debug=ssl,keymanager, to get more debugging information, if the information in the stack trace isn't sufficient.

like image 197
Bruno Avatar answered Oct 02 '22 17:10

Bruno