-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Red Hat OpenJDK packages can throw due to not recognising some elliptic curves #701
Comments
Same problem (unrelated to this project) with CentOS Linux release 7.3.1611 (Core) using
I'm missing a slightly different curve:
So I assume OpenJDK does not have the license (or so) to include this in their package. The property from the SunEC provider is: AlgorithmParameters.EC SupportedCurves = --> so looks like only these 3 curves are supported by default.... Edit: JCE policy update (http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html) didn't change a thing Edit 2: adding BouncyCastle 1.57 helped, but the underlying API I was using (jjwt 0.7.0) did no support for custom security providers, so I changed to an RSA certificate :( |
Hm, Kostas' fix should have caused a more useful error to be printed. Can you show us the full stack trace? |
I think phax is referring to another project (not Corda), but in which he experienced the same issue with us. Our current error message in NodeStartup.kt is |
I think this issue was "fixed" as best we can (better warning) some time ago. Over time Oracle JDK and OpenJDK will converge due to a new policy of open sourcing more stuff at Oracle. So I'll close this. it should fix itself naturally unless Red Hat keep removing stuff from OpenJDK. |
Hi. this problem is still not solved in openJdK 11. I tried adding BouncyCastle , but did not helped. Does anyone have any other idea ? java.security.cert.CertificateParsingException: java.io.IOException: Unknown named curve: 1.3.132.0.38 |
Red Hat and elliptic curve crypto have a troubled history. They have often silently removed support from software as they have packaged it.
https://discourse.corda.net/t/unknown-named-curve/1122
We should catch the exception named in that forum post and print out an error explaining the problem and the fix.
The text was updated successfully, but these errors were encountered: