Could not generate DH keypair Exception on doing HTTPS POST

Posted on June 11, 2015 at 6:51am

Context: I'm working with Jasper Reports version 4.1.2 with JDK 1.7.0_79 set to compile at Java 1.6 on a windows 8 development machine.

Now the actual problem: Somewhere else in the application I'm trying to do a HTTPS post to a server. Unfortunately this is failing because an exception is thrown stating "Could not generate DH Keypair".  At the end of the stacktrace it tells me something about BouncyCastel. 

Caused by: java.security.InvalidAlgorithmParameterException: parameter object not a ECParameterSpec at org.bouncycastle.jce.provider.JDKKeyPairGenerator$EC.initialize(Unknown Source) at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:76) ... 135 more

BouncyCastle [BC] seems to be included by iText which probably sets the global java security for the whole application with something like :

Security.addProvider(new BouncyCastleProvider());
When my post is trying to get the responsecode this provider is used and because the server I'm posting to is probably using primesize of more than 1024 bits. ( http://stackoverflow.com/questions/6851461/java-why-does-ssl-handshake-g... )

What I tried to do: Http posts are working without any problems however, I prefer to use HTTPS.

Another thing, I can workaround the issue by removing the bcmail-jdk14,bcprov-jdk14,and bctsp-jdk14,jars from the webcontainer and replacing them by the -jdk16 equivalents. This way my https post worked fine :) . However I'm not sure whether this might cause any problems for JasperReports. I was thinking about upgrading to 6.1.0 but I found out that version also uses the old BouncyCastle Provides.

Adding all kinds of stuff to the httpheaders but ofcourse this didn't solve anything.

Question

I am assuming more people are doing trivial stuff such as HTTPS posts combinde with JasperReports so I hope someone else knows how to solve this.

Java code

HttpsURLConnection con = (HttpsURLConnection) newurl.openConnection();
        con.setRequestMethod("POST");
        con.setRequestProperty("User-Agent", "Mozilla/5.0");
        con.setRequestProperty("Accept-Language", "en-US,en;q=0.5");
        int responseCode = con.getResponseCode();

Exception Stacktrace

These are the first lines of the first exception

javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair at sun.security.ssl.Alerts.getSSLException(Alerts.java:208) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1904) at sun.security.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1862) at sun.security.ssl.SSLSocketImpl.handleException(SSLSocketImpl.java:1845) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1366) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1343) at sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:563) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(AbstractDelegateHttpsURLConnection.java:185) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnection.java:1301) at java.net.HttpURLConnection.getResponseCode(HttpURLConnection.java:468) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getResponseCode(HttpsURLConnectionImpl.java:338)

JasperReports® Library
maarten_5's picture
maarten_5
2
Joined: Jun 11 2015 - 6:07am
Last seen: 7 years 8 months ago

1 Answer:

Posted on May 7, 2018 at 12:23pm

I think this can help you: https://stackoverflow.com/a/49424441/1470436

jjw.roberto's picture
jjw.roberto
49
Joined: Feb 13 2017 - 8:44am
Last seen: 3 years 3 weeks ago
Feedback
randomness