java.lang.RuntimeException: java.security.spec.InvalidKeySpecException: java.io.EOFException: EOF encountered in middle of object

There are no available Samebug tips for this exception. Do you have an idea how to solve this issue? A short tip would help users who saw this issue last week.

  • While investigating a support case, where the customer had difficulty establishing a trusted relationship between JIRA and Confluence listening on HTTPS, I attempted to add a relationship between my instance of 3.13.2 and https://confluence.atlassian.com/ . The UI threw back a 500 page with this stacktrace: {noformat}java.lang.RuntimeException: java.security.spec.InvalidKeySpecException: java.io.EOFException: EOF encountered in middle of object at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplicationProtocolV0(ListApplicationRetriever.java:90) at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplicationProtocolV1(ListApplicationRetriever.java:49) at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplication(ListApplicationRetriever.java:43) at com.atlassian.security.auth.trustedapps.ReaderApplicationRetriever.getApplication(ReaderApplicationRetriever.java:27) at com.atlassian.security.auth.trustedapps.URLApplicationRetriever.getApplication(URLApplicationRetriever.java:40) at com.atlassian.security.auth.trustedapps.BaseEncryptionProvider.getApplicationCertificate(BaseEncryptionProvider.java:12) at com.atlassian.jira.web.action.admin.trustedapps.ViewTrustedApplications.requestTrustedApplication(ViewTrustedApplications.java:133) at com.atlassian.jira.web.action.admin.trustedapps.ViewTrustedApplications.doRequest(ViewTrustedApplications.java:77) {noformat} When you attempt to view the certificate manually via https://confluence.atlassian.com/admin/appTrustCertificate , you can see that CAC redirects you to the non-HTTP version of the file (ie http://confluence.atlassian.com/admin/appTrustCertificate). It appears that CAC is sending a "page has been moved" response back to JIRA, which is mistakenly consumed as the actual trusted app certificate.
    via by Michael Tokar,
  • While investigating a support case, where the customer had difficulty establishing a trusted relationship between JIRA and Confluence listening on HTTPS, I attempted to add a relationship between my instance of 3.13.2 and https://confluence.atlassian.com/ . The UI threw back a 500 page with this stacktrace: {noformat}java.lang.RuntimeException: java.security.spec.InvalidKeySpecException: java.io.EOFException: EOF encountered in middle of object at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplicationProtocolV0(ListApplicationRetriever.java:90) at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplicationProtocolV1(ListApplicationRetriever.java:49) at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplication(ListApplicationRetriever.java:43) at com.atlassian.security.auth.trustedapps.ReaderApplicationRetriever.getApplication(ReaderApplicationRetriever.java:27) at com.atlassian.security.auth.trustedapps.URLApplicationRetriever.getApplication(URLApplicationRetriever.java:40) at com.atlassian.security.auth.trustedapps.BaseEncryptionProvider.getApplicationCertificate(BaseEncryptionProvider.java:12) at com.atlassian.jira.web.action.admin.trustedapps.ViewTrustedApplications.requestTrustedApplication(ViewTrustedApplications.java:133) at com.atlassian.jira.web.action.admin.trustedapps.ViewTrustedApplications.doRequest(ViewTrustedApplications.java:77) {noformat} When you attempt to view the certificate manually via https://confluence.atlassian.com/admin/appTrustCertificate , you can see that CAC redirects you to the non-HTTP version of the file (ie http://confluence.atlassian.com/admin/appTrustCertificate). It appears that CAC is sending a "page has been moved" response back to JIRA, which is mistakenly consumed as the actual trusted app certificate.
    via by Michael Tokar,
  • While investigating a support case, where the customer had difficulty establishing a trusted relationship between JIRA and Confluence listening on HTTPS, I attempted to add a relationship between my instance of 3.13.2 and https://confluence.atlassian.com/ . The UI threw back a 500 page with this stacktrace: {noformat}java.lang.RuntimeException: java.security.spec.InvalidKeySpecException: java.io.EOFException: EOF encountered in middle of object at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplicationProtocolV0(ListApplicationRetriever.java:90) at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplicationProtocolV1(ListApplicationRetriever.java:49) at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplication(ListApplicationRetriever.java:43) at com.atlassian.security.auth.trustedapps.ReaderApplicationRetriever.getApplication(ReaderApplicationRetriever.java:27) at com.atlassian.security.auth.trustedapps.URLApplicationRetriever.getApplication(URLApplicationRetriever.java:40) at com.atlassian.security.auth.trustedapps.BaseEncryptionProvider.getApplicationCertificate(BaseEncryptionProvider.java:12) at com.atlassian.jira.web.action.admin.trustedapps.ViewTrustedApplications.requestTrustedApplication(ViewTrustedApplications.java:133) at com.atlassian.jira.web.action.admin.trustedapps.ViewTrustedApplications.doRequest(ViewTrustedApplications.java:77) {noformat} When you attempt to view the certificate manually via https://confluence.atlassian.com/admin/appTrustCertificate , you can see that CAC redirects you to the non-HTTP version of the file (ie http://confluence.atlassian.com/admin/appTrustCertificate). It appears that CAC is sending a "page has been moved" response back to JIRA, which is mistakenly consumed as the actual trusted app certificate.
    via by Michael Tokar,
    • java.lang.RuntimeException: java.security.spec.InvalidKeySpecException: java.io.EOFException: EOF encountered in middle of object at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplicationProtocolV0(ListApplicationRetriever.java:90) at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplicationProtocolV1(ListApplicationRetriever.java:49) at com.atlassian.security.auth.trustedapps.ListApplicationRetriever.getApplication(ListApplicationRetriever.java:43) at com.atlassian.security.auth.trustedapps.ReaderApplicationRetriever.getApplication(ReaderApplicationRetriever.java:27) at com.atlassian.security.auth.trustedapps.URLApplicationRetriever.getApplication(URLApplicationRetriever.java:40) at com.atlassian.security.auth.trustedapps.BaseEncryptionProvider.getApplicationCertificate(BaseEncryptionProvider.java:12) at com.atlassian.jira.web.action.admin.trustedapps.ViewTrustedApplications.requestTrustedApplication(ViewTrustedApplications.java:133) at com.atlassian.jira.web.action.admin.trustedapps.ViewTrustedApplications.doRequest(ViewTrustedApplications.java:77)
    No Bugmate found.