java.security.ProviderException: java.security.KeyException when using OpenJDK 1.8u91

Solution Unverified - Updated -

Issue

  • We have configured a JBoss instance with ssl for the management console

    However, when trying to access the console in the secure port (https://10.X.X.X:9443/console) I get the following error:
    This site can’t be reached
    10.X.X.X unexpectedly closed the connection.

2017-07-31 12:47:10,228 ERROR [org.xnio.listener] (Remoting "node1:MANAGEMENT" read-1) A channel event listener threw an exception: java.lang.RuntimeException: java.security.KeyException
    at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1429) [jsse.jar:1.8.0_91]
    at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:535) [jsse.jar:1.8.0_91]
    at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:813) [jsse.jar:1.8.0_91]
    at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:781) [jsse.jar:1.8.0_91]
    at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) [rt.jar:1.8.0_91]
    at org.xnio.ssl.JsseConnectedSslStreamChannel.unwrap(JsseConnectedSslStreamChannel.java:446) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.ssl.JsseConnectedSslStreamChannel.read(JsseConnectedSslStreamChannel.java:487) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.ssl.JsseConnectedSslStreamChannel.read(JsseConnectedSslStreamChannel.java:452) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.channels.FramedMessageChannel.receive(FramedMessageChannel.java:90) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.jboss.remoting3.remote.ServerConnectionOpenListener$Initial.handleEvent(ServerConnectionOpenListener.java:229) [jboss-remoting-3.3.5.Final-redhat-1.jar:3.3.5.Final-redhat-1]
    at org.jboss.remoting3.remote.ServerConnectionOpenListener$Initial.handleEvent(ServerConnectionOpenListener.java:139) [jboss-remoting-3.3.5.Final-redhat-1.jar:3.3.5.Final-redhat-1]
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.channels.TranslatingSuspendableChannel.handleReadable(TranslatingSuspendableChannel.java:189) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.ssl.JsseConnectedSslStreamChannel.handleReadable(JsseConnectedSslStreamChannel.java:183) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.channels.TranslatingSuspendableChannel$1.handleEvent(TranslatingSuspendableChannel.java:103) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.ChannelListeners.invokeChannelListener(ChannelListeners.java:72) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.nio.NioHandle.run(NioHandle.java:90)
    at org.xnio.nio.WorkerThread.run(WorkerThread.java:198)

 Caused by: java.security.ProviderException: java.security.KeyException
    at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:147)
    at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:703) [rt.jar:1.8.0_91]
    at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:64) [jsse.jar:1.8.0_91]
    at sun.security.ssl.ServerHandshaker.setupEphemeralECDHKeys(ServerHandshaker.java:1432) [jsse.jar:1.8.0_91]
    at sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:1219) [jsse.jar:1.8.0_91]
    at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:1023) [jsse.jar:1.8.0_91]
    at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:738) [jsse.jar:1.8.0_91]
    at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:221) [jsse.jar:1.8.0_91]
    at sun.security.ssl.Handshaker.processLoop(Handshaker.java:979) [jsse.jar:1.8.0_91]
    at sun.security.ssl.Handshaker$1.run(Handshaker.java:919) [jsse.jar:1.8.0_91]
    at sun.security.ssl.Handshaker$1.run(Handshaker.java:916) [jsse.jar:1.8.0_91]
    at java.security.AccessController.doPrivileged(Native Method) [rt.jar:1.8.0_91]
    at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:1369) [jsse.jar:1.8.0_91]
    at org.xnio.ssl.JsseConnectedSslStreamChannel.handleHandshake(JsseConnectedSslStreamChannel.java:425) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    at org.xnio.ssl.JsseConnectedSslStreamChannel.read(JsseConnectedSslStreamChannel.java:490) [xnio-api-3.0.14.GA-redhat-1.jar:3.0.14.GA-redhat-1]
    ... 14 more
Caused by: java.security.KeyException
    at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method)
    at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:128)
    ... 28 more

Environment

  • Red Hat JBoss Enterprise Application Platform (EAP)
    • 6.4.x
  • OpenJDK
    • java-1.8.0-openjdk-1.8.0.91-1.b14.fc25

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content