Handshake failure with elliptical curve algorithms on OpenJDK 1.7 on RHEL 6

Solution Verified - Updated -

Issue

  • Connecting over TLS to my application deployed is giving this error:

    139647999051592:error:14077438:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert internal error:s23_clnt.c:741:

  • After installing byteman script (see diagnostics section) I'm getting the following error handshaking with elliptical curve (ECDHE) algorithms:

    Caused by: java.security.KeyException
   at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method)
   at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:126)

  • I see the following exception on JBoss or Tomcat during an https handshake after updating OpenJDK:

Caused by: java.security.InvalidAlgorithmParameterException
    at sun.security.ec.ECKeyPairGenerator.generateECKeyPair(Native Method)
    at sun.security.ec.ECKeyPairGenerator.generateKeyPair(ECKeyPairGenerator.java:126)
    ... 21 more

Environment

  • Red Hat Enterprise Linux 6
  • OpenJDK 1.7.0_u85 (rhel-2.6.1.3.el6_7-x86_64 u85-b01) and later
  • NSS version ??

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content