[jbosstools-issues] [JBoss JIRA] (JBIDE-18454) Cant connect to OpenShift running on RHEL 6.6 (javax.net.ssl.SSLException: Could not generate DH keypair)

Andre Dietisheim (JIRA) issues at jboss.org
Tue Sep 30 15:01:02 EDT 2014 

    [ https://issues.jboss.org/browse/JBIDE-18454?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13007466#comment-13007466 ] 

Andre Dietisheim commented on JBIDE-18454:
------------------------------------------

In a POC the following seems to work for me (not tested extensively yet):

{code}
SSLSocketFactory wrappingSocketFactory = new SSLSocketFactory() {
					
					@Override
					public Socket createSocket(InetAddress arg0, int arg1, InetAddress arg2, int arg3) throws IOException {
						return socketFactory.createSocket(arg0, arg1, arg2, arg3);
					}
					
					@Override
					public Socket createSocket(String arg0, int arg1, InetAddress arg2, int arg3) throws IOException,
							UnknownHostException {
						return socketFactory.createSocket(arg0, arg1, arg2, arg3);
					}
					
					@Override
					public Socket createSocket(InetAddress arg0, int arg1) throws IOException {
						return socketFactory.createSocket(arg0, arg1);
					}
					
					@Override
					public Socket createSocket(String arg0, int arg1) throws IOException, UnknownHostException {
						return socketFactory.createSocket(arg0, arg1);
					}
					
					@Override
					public String[] getSupportedCipherSuites() {
						return null;
					}
					
					@Override
					public String[] getDefaultCipherSuites() {
						return null;
					}
					
					@Override
					public Socket createSocket(Socket s, String host, int port, boolean autoClose) throws IOException {
						 SSLSocket socket = (SSLSocket) socketFactory.createSocket(s, host, port, autoClose);
						 List<String> ciphers = new ArrayList<String>();
						 for (String cipher : socket.getEnabledCipherSuites()) {
							 if (!cipher.contains("_DHE_")) {
								 ciphers.add(cipher);
							 }
						 };
						 socket.setEnabledCipherSuites(ciphers.toArray(new String[ciphers.size()]));
						 return socket;
					}
				};
				((HttpsURLConnection) connection).setSSLSocketFactory(wrappingSocketFactory);
{code}

> Cant connect to OpenShift running on RHEL 6.6 (javax.net.ssl.SSLException: Could not generate DH keypair)
> ---------------------------------------------------------------------------------------------------------
>
>                 Key: JBIDE-18454
>                 URL: https://issues.jboss.org/browse/JBIDE-18454
>             Project: Tools (JBoss Tools)
>          Issue Type: Bug
>          Components: openshift
>    Affects Versions: 4.2.0.CR1
>            Reporter: Andre Dietisheim
>            Assignee: Andre Dietisheim
>            Priority: Blocker
>             Fix For: 4.2.0.CR2
>
>         Attachments: ssl-error-on-connect.png
>
>
> In https://bugzilla.redhat.com/show_bug.cgi?id=1145848 openshift-java-client cant connect to OpenShift running on RHEL 6.6 when using openjdk. We have to verify that this affects the Eclipse based tooling (that's also using openshift-java-client) 
> {code}
> java.io.IOException: com.openshift.client.OpenShiftEndpointException: Could not request https://broker.ose21z-auto.com.cn/broker/rest/api: javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair
>         at hudson.plugins.openshift.OpenShiftCloud.getOpenShiftConnection(OpenShiftCloud.java:186)
>         at hudson.plugins.openshift.OpenShiftCloud.getSlaves(OpenShiftCloud.java:877)
>         at hudson.plugins.openshift.OpenShiftCloud.provisionSlave(OpenShiftCloud.java:451)
>         at hudson.plugins.openshift.OpenShiftCloud.provision(OpenShiftCloud.java:413)
>         at hudson.slaves.NodeProvisioner.update(NodeProvisioner.java:281)
>         at hudson.slaves.NodeProvisioner.access$000(NodeProvisioner.java:51)
>         at hudson.slaves.NodeProvisioner$NodeProvisionerInvoker.doRun(NodeProvisioner.java:368)
>         at hudson.triggers.SafeTimerTask.run(SafeTimerTask.java:54)
>         at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:471)
>         at java.util.concurrent.FutureTask.runAndReset(FutureTask.java:304)
>         at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$301(ScheduledThreadPoolExecutor.java:178)
>         at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
>         at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
>         at java.lang.Thread.run(Thread.java:745)
> Caused by: com.openshift.client.OpenShiftEndpointException: Could not request https://broker.ose21z-auto.com.cn/broker/rest/api: javax.net.ssl.SSLException: java.lang.RuntimeException: Could not generate DH keypair
> {code}



--
This message was sent by Atlassian JIRA
(v6.3.1#6329)

More information about the jbosstools-issues mailing list