Jump to content

Could not generate DH keypair Exception on doing HTTPS POST


maarten_5

Recommended Posts

Context: I'm working with Jasper Reports version 4.1.2 with JDK 1.7.0_79 set to compile at Java 1.6 on a windows 8 development machine.

Now the actual problem: Somewhere else in the application I'm trying to do a HTTPS post to a server. Unfortunately this is failing because an exception is thrown stating "Could not generate DH Keypair".  At the end of the stacktrace it tells me something about BouncyCastel. 

Caused by: java.security.InvalidAlgorithmParameterException: parameter object not a ECParameterSpec at org.bouncycastle.jce.provider.JDKKeyPairGenerator$EC.initialize(Unknown Source) at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:76) ... 135 more[/code]

BouncyCastle [bC] seems to be included by iText which probably sets the global java security for the whole application with something like :

Security.addProvider(new BouncyCastleProvider());[/code]
When my post is trying to get the responsecode this provider is used and because the server I'm posting to is probably using primesize of more than 1024 bits.  ( http://stackoverflow.com/questions/6851461/java-why-does-ssl-handshake-give-could-not-generate-dh-keypair-exception

What I tried to do: Http posts are working without any problems however, I prefer to use HTTPS. 

Another thing, I can workaround the issue by removing the bcmail-jdk14,bcprov-jdk14,and bctsp-jdk14,jars from the webcontainer and replacing them by the -jdk16 equivalents. This way my https post worked fine :) . However I'm not sure whether this might cause any problems for JasperReports. I was thinking about upgrading to 6.1.0 but I found out that version also uses the old BouncyCastle Provides. 

Adding all kinds of stuff to the httpheaders but ofcourse this didn't solve anything.

 

Question

I am assuming more people are doing trivial stuff such as HTTPS posts combinde with JasperReports so I hope someone else knows how to solve this. 

Java code

HttpsURLConnection con = (HttpsURLConnection) newurl.openConnection();        con.setRequestMethod("POST");        con.setRequestProperty("User-Agent", "Mozilla/5.0");        con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");        int responseCode = con.getResponseCode();[/code]

 

Exception Stacktrace

These are the first lines of the first exception

 

javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1862) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1845) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1366) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)[/code]

 

 

 

 

 

Link to comment
Share on other sites

  • 2 years later...
  • Replies 1
  • Created
  • Last Reply

Top Posters In This Topic

Top Posters In This Topic

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...