Handshake failure with elliptical curve algorithms on OpenJDK 1.7 on RHEL 6

Solution Verified - Updated -

Issue

  • Connecting over TLS to my application deployed is giving this error:

    139647999051592:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:741:
    
  • After installing byteman script (see diagnostics section) I'm getting the following error handshaking with elliptical curve (ECDHE) algorithms:

    Caused by: java.security.KeyException
       at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method)
       at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:126)
    
  • I see the following exception on JBoss or Tomcat during an https handshake after updating OpenJDK:

Caused by: java.security.InvalidAlgorithmParameterException
    at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method)
    at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:126)
    ... 21 more

Environment

  • Red Hat Enterprise Linux 6
  • OpenJDK 1.7.0_u85 (rhel-2.6.1.3.el6_7-x86_64 u85-b01) and later
  • NSS version ??

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In
Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.