2 Replies Latest reply on Mar 21, 2002 10:06 AM by ben2

    Algorithm TLS not available

    thloh

      Hello folks,

      I'm trying to get JBoss 2.4.4 with embedded Tomcat 4.0.1 and SSL up and running.

      I installed the jsse-package and tried the two configurations indroduced in this forum.

      Keystore has been setup with keytool and additionally with openssl.

      But everytime I start JBoss I get the following exception:

      [ERROR,DomainServerSocketFactory] Failed to get SSLContext for TLS algorithm
      java.security.NoSuchAlgorithmException: Algorithm TLS not available
      at com.sun.net.ssl.b.a([DashoPro-V1.2-120198])
      at com.sun.net.ssl.SSLContext.getInstance([DashoPro-V1.2-120198])
      at org.jboss.security.ssl.DomainServerSocketFactory.createServerSocket(D
      omainServerSocketFactory.java:110)
      at org.jboss.web.catalina.security.SSLServerSocketFactory.createSocket(S
      SLServerSocketFactory.java:74)
      at org.jboss.web.catalina.security.SSLServerSocketFactory.createSocket(S
      SLServerSocketFactory.java:57)
      at org.apache.catalina.connector.http.HttpConnector.open(HttpConnector.j
      ava:946)
      at org.apache.catalina.connector.http.HttpConnector.initialize(HttpConne
      ctor.java:1114)
      at org.apache.catalina.startup.Embedded.start(Embedded.java:962)
      at org.jboss.web.catalina.EmbeddedCatalinaServiceSX.startService(Embedde
      dCatalinaServiceSX.java:245)
      at org.jboss.util.ServiceMBeanSupport.start(ServiceMBeanSupport.java:103
      )
      at java.lang.reflect.Method.invoke(Native Method)
      at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:16
      28)
      at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:15
      23)
      at org.jboss.configuration.ConfigurationService$ServiceProxy.invoke(Conf
      igurationService.java:967)
      at $Proxy0.start(Unknown Source)
      at org.jboss.util.ServiceControl.start(ServiceControl.java:79)
      at java.lang.reflect.Method.invoke(Native Method)
      at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:16
      28)
      at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:15
      23)
      at org.jboss.Main.(Main.java:208)
      at org.jboss.Main$1.run(Main.java:110)
      at java.security.AccessController.doPrivileged(Native Method)
      at org.jboss.Main.main(Main.java:106)
      [ERROR,EmbeddedCatalinaServiceSX] Stopped


      Using j2sdk-1.4.0-rc the Exception is:
      [ERROR,ConfigurationService] Unexpected error
      LifecycleException: null.open: java.io.IOException: KeyManagerFactory is null
      for security domain: tomcat
      at org.apache.catalina.connector.http.HttpConnector.initialize(HttpConne
      ctor.java:1116)
      at org.apache.catalina.startup.Embedded.start(Embedded.java:962)
      at org.jboss.web.catalina.EmbeddedCatalinaServiceSX.startService(Embedde
      dCatalinaServiceSX.java:245)
      at org.jboss.util.ServiceMBeanSupport.start(ServiceMBeanSupport.java:103
      )
      at sun.reflect.GeneratedMethodAccessor4.invoke(Unknown Source)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
      sorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:16
      28)
      at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:15
      23)
      at org.jboss.configuration.ConfigurationService$ServiceProxy.invoke(Conf
      igurationService.java:967)
      at $Proxy0.start(Unknown Source)
      at org.jboss.util.ServiceControl.start(ServiceControl.java:79)
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
      java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
      sorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:324)
      at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:16
      28)
      at com.sun.management.jmx.MBeanServerImpl.invoke(MBeanServerImpl.java:15
      23)
      at org.jboss.Main.(Main.java:208)
      at org.jboss.Main$1.run(Main.java:110)
      at java.security.AccessController.doPrivileged(Native Method)
      at org.jboss.Main.main(Main.java:106)


      Here some parts of my jboss.jcml file

      <!-- JAAS security manager and realm mapping -->


      org.jboss.security.plugins.JaasSecurityManager






      D:\JBoss-2.4.4_Tomcat-4.0.1\jboss\conf\.keystore
      changeit



      And then either


      8080







      or


      8443
      java:/jaas/tomcat


      results in the exceptions.

      The _protocol="SSL"_ attribute doesn't seem to have any effect.

      I'm using the global-package of jsse. Is there something wrong with it? How can I use another protocol/algorithm.
      As I understand there should be SSLv2, SSLv3 etc.

      Thanks for your help

      Regards
      Thomas

        • 1. Re: Algorithm TLS not available
          thloh

          I finally figured it out myself.
          After installing everything on a linux box, I tried the parameter "KeyStoreURL" instead of "KeyStoreFile" in my security domain and it worked...

          • 2. Re: Algorithm TLS not available
            ben2

            I am still getting this problem. It appears that the keystore is loaded properly but when the SSL sockets are created it throws this exception. My configuration is below the stacktrace.


            [INFO,tomcat] Starting
            [INFO,JaasSecurityManagerService] Added tomcat, org.jboss.security.plugins.JaasS
            ecurityDomain@2bc3f5 to map
            [INFO,tomcat] Started

            [INFO,EmbeddedCatalinaServiceSX] Starting
            [INFO,EmbeddedCatalinaServiceSX] Starting EmbeddedCatalinaSX....
            [INFO,EmbeddedCatalinaServiceSX] Building Http engine and connector
            [INFO,Default] Apache Tomcat/4.0.1
            [INFO,EmbeddedCatalinaServiceSX] HttpConnector Opening server socket on all host
            IP addresses
            [INFO,EmbeddedCatalinaServiceSX] HttpConnector[8080] Starting background thread
            [INFO,EmbeddedCatalinaServiceSX] HttpProcessor[8080][0] Starting background thre
            ad
            [INFO,EmbeddedCatalinaServiceSX] HttpProcessor[8080][1] Starting background thre
            ad
            [INFO,EmbeddedCatalinaServiceSX] HttpProcessor[8080][2] Starting background thre
            ad
            [INFO,EmbeddedCatalinaServiceSX] HttpProcessor[8080][3] Starting background thre
            ad
            [INFO,EmbeddedCatalinaServiceSX] HttpProcessor[8080][4] Starting background thre
            ad
            [INFO,EmbeddedCatalinaServiceSX] HttpConnector Opening server socket on all host
            IP addresses
            [ERROR,DomainServerSocketFactory] Failed to get SSLContext for TLS algorithm
            java.security.NoSuchAlgorithmException: Algorithm TLS not available
            at com.sun.net.ssl.b.a([DashoPro-V1.2-120198])
            at com.sun.net.ssl.SSLContext.getInstance([DashoPro-V1.2-120198])
            at org.jboss.security.ssl.DomainServerSocketFactory.createServerSocket(D
            omainServerSocketFactory.java:110)
            at org.jboss.web.catalina.security.SSLServerSocketFactory.createSocket(S
            SLServerSocketFactory.java:74)
            at org.jboss.web.catalina.security.SSLServerSocketFactory.createSocket(S
            SLServerSocketFactory.java:57)
            at org.apache.catalina.connector.http.HttpConnector.open(HttpConnector.j
            ava:946)

            My configuration





            C:\Documents and Settings\bjl7507\.keystore
            password
            JKS











            The command to create the keystore
            keytool -genkey -keyalg rsa -alias tomcat -storepass password -keypass password