This discussion is archived
4 Replies Latest reply: Mar 27, 2012 12:00 PM by bshannon RSS

NoSuchAlgorithmException under win server 2003, but not 2008

920242 Newbie
Currently Being Moderated
I have a strange error, I can reproduce but which I can't quite figure out the cause or solution to.

vitals: javamail 1.4.4, Windows Server 2003, JBoss.

So, I have a pretty large stack trace I won't include (yet), but it starts with a NoSuchAlgorithmException. This is tripped when I send an email to gmail servers using TLS or SSL encryption. Exact same EAR on Windows Server 2008, works fine.

Please read that again: using the same EAR & the same parameters to send the email under 2008, it gets where it needs fine. So, I'm pretty sure I have the ports/smtp server/etc nailed.

Have looked into a lot of possibilities, nothing has panned out.

Solution would be great, direction or thoughts would be enough.

Thanks in advance,
Colin
  • 1. Re: NoSuchAlgorithmException under win server 2003, but not 2008
    bshannon Pro
    Currently Being Moderated
    It looks like there's a difference in the security configuration of the two machines.
    Are you using the same JDK version on both machines? It looks like one of the
    machines isn't trusting the Gmail server's certificate. Possibly the different app
    server instances have configured the trust store differently?
  • 2. Re: NoSuchAlgorithmException under win server 2003, but not 2008
    jtahlborn Expert
    Currently Being Moderated
    what algorithm? is it possible that the jre on one machine has the unrestricted security policy jars (e.g. US policy) and the other doesn't?
  • 3. Re: NoSuchAlgorithmException under win server 2003, but not 2008
    920242 Newbie
    Currently Being Moderated
    both machines do have the same jdk. our application installs everything it needs, and then uses that version.

    and it definitely seems like either it's not trusting something it's getting from the gmail servers, or it's unable to understand what it's getting. snippet of stack trace below. why might that be happening in 2003 and not in 2008?

    also, i've looked at a couple of questions on stackoverflow (http://stackoverflow.com/questions/6365209/java-and-ssl-java-security-nosuchalgorithmexception), and i confirmed the policy files are the unlimited strength versions. not much luck.

    ---------------------------------
    javax.mail.MessagingException: Could not convert socket to TLS;
    nested exception is:
    java.net.SocketException: java.security.NoSuchAlgorithmException: Error constructing implementation (algorithm: Default, provider: SunJSSE, class: com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl)
    at com.sun.mail.smtp.SMTPTransport.startTLS(SMTPTransport.java:1880)
    at com.sun.mail.smtp.SMTPTransport.protocolConnect(SMTPTransport.java:648)
    at javax.mail.Service.connect(Service.java:317)
    at javax.mail.Service.connect(Service.java:176)
    at javax.mail.Service.connect(Service.java:125)
    at javax.mail.Transport.send0(Transport.java:194)
    at javax.mail.Transport.send(Transport.java:124)
    **** redacted ****
    .. 14 more
    Caused by: java.security.cert.CertificateParsingException: signed overrun, bytes = 257
    at sun.security.x509.X509CertImpl.parse(Unknown Source)
    at sun.security.x509.X509CertImpl.<init>(Unknown Source)
    at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
    at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
    at sun.security.provider.JavaKeyStore.engineLoad(Unknown Source)
    at sun.security.provider.JavaKeyStore$JKS.engineLoad(Unknown Source)
    at java.security.KeyStore.load(Unknown Source)
    at com.sun.net.ssl.internal.ssl.TrustManagerFactoryImpl.getCacertsKeyStore(Unknown Source)
    at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.getDefaultTrustManager(Unknown Source)
    at com.sun.net.ssl.internal.ssl.DefaultSSLContextImpl.<init>(Unknown Source)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
    at sun.reflect.NativeConstructorAccessorImpl.newInstance(Unknown Source)
    at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(Unknown Source)
    at java.lang.reflect.Constructor.newInstance(Unknown Source)
    at java.lang.Class.newInstance0(Unknown Source)
    at java.lang.Class.newInstance(Unknown Source)
    ... 21 more
    ---------------------------------
  • 4. Re: NoSuchAlgorithmException under win server 2003, but not 2008
    bshannon Pro
    Currently Being Moderated
    Make sure they're actually using the JDK you installed.

    Also, check the JBoss configuration on the two machines. It could be overriding the JDK security configuration.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points