java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID

Jive Software Open Source | Florian Schmaus | 4 years ago
  1. 0

    The latest svn version of openfire is unable to process SSL/TLS connection on my server. The symptoms are that a clients (gajim in my case) connection attempt stall, the exception is thrown but the *TCP socket is not closed*. {code:none} 2013.02.26 14:06:57 org.jivesoftware.openfire.nio.ConnectionHandler - ConnectionHandler reports unexpected exception for session: (SOCKET, R: /46.244.217.124:34544, L: /78.47.171.60:5222, S: 0.0.0.0/0.0.0.0:5222) java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1029) at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:508) at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:759) at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:727) at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) at org.apache.mina.filter.support.SSLHandler.unwrap0(SSLHandler.java:658) at org.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java:614) at org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:493) at org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:306) at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:392) at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299) at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53) at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648) at org.apache.mina.common.support.AbstractIoFilterChain$HeadFilter.messageReceived(AbstractIoFilterChain.java:499) at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299) at org.apache.mina.common.support.AbstractIoFilterChain.fireMessageReceived(AbstractIoFilterChain.java:293) at org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:228) at org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:198) at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$400(SocketIoProcessor.java:45) at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:485) at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:636) Caused by: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID at sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:323) at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:673) at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:63) at sun.security.ssl.ServerHandshaker.setupEphemeralECDHKeys(ServerHandshaker.java:991) at sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:872) at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:801) at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:576) at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:170) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:610) at sun.security.ssl.Handshaker$1.run(Handshaker.java:550) at sun.security.ssl.Handshaker$1.run(Handshaker.java:548) at java.security.AccessController.doPrivileged(Native Method) at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:969) at org.apache.mina.filter.support.SSLHandler.doTasks(SSLHandler.java:686) at org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:486) ... 16 more Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID at sun.security.pkcs11.wrapper.PKCS11.C_GenerateKeyPair(Native Method) at sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:314) ... 30 more {code} References: - http://stackoverflow.com/a/11688235/194894 - https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1006776 - https://github.com/OWASP/OWASP-WebScarab/commit/52f67a76da3885213593cdf65742eeef33df87f2 I'm atm not really sure if it's an openjdk, mina, or JVM problem.

    Jive Software Open Source | 4 years ago | Florian Schmaus
    java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
  2. 0

    The latest svn version of openfire is unable to process SSL/TLS connection on my server. The symptoms are that a clients (gajim in my case) connection attempt stall, the exception is thrown but the *TCP socket is not closed*. {code:none} 2013.02.26 14:06:57 org.jivesoftware.openfire.nio.ConnectionHandler - ConnectionHandler reports unexpected exception for session: (SOCKET, R: /46.244.217.124:34544, L: /78.47.171.60:5222, S: 0.0.0.0/0.0.0.0:5222) java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1029) at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:508) at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:759) at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:727) at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) at org.apache.mina.filter.support.SSLHandler.unwrap0(SSLHandler.java:658) at org.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java:614) at org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:493) at org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:306) at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:392) at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299) at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53) at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648) at org.apache.mina.common.support.AbstractIoFilterChain$HeadFilter.messageReceived(AbstractIoFilterChain.java:499) at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299) at org.apache.mina.common.support.AbstractIoFilterChain.fireMessageReceived(AbstractIoFilterChain.java:293) at org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:228) at org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:198) at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$400(SocketIoProcessor.java:45) at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:485) at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:636) Caused by: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID at sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:323) at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:673) at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:63) at sun.security.ssl.ServerHandshaker.setupEphemeralECDHKeys(ServerHandshaker.java:991) at sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:872) at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:801) at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:576) at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:170) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:610) at sun.security.ssl.Handshaker$1.run(Handshaker.java:550) at sun.security.ssl.Handshaker$1.run(Handshaker.java:548) at java.security.AccessController.doPrivileged(Native Method) at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:969) at org.apache.mina.filter.support.SSLHandler.doTasks(SSLHandler.java:686) at org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:486) ... 16 more Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID at sun.security.pkcs11.wrapper.PKCS11.C_GenerateKeyPair(Native Method) at sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:314) ... 30 more {code} References: - http://stackoverflow.com/a/11688235/194894 - https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1006776 - https://github.com/OWASP/OWASP-WebScarab/commit/52f67a76da3885213593cdf65742eeef33df87f2 I'm atm not really sure if it's an openjdk, mina, or JVM problem.

    JIRA | 4 years ago | Florian Schmaus
    java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
  3. 0

    The latest svn version of openfire is unable to process SSL/TLS connection on my server. The symptoms are that a clients (gajim in my case) connection attempt stall, the exception is thrown but the *TCP socket is not closed*. {code:none} 2013.02.26 14:06:57 org.jivesoftware.openfire.nio.ConnectionHandler - ConnectionHandler reports unexpected exception for session: (SOCKET, R: /46.244.217.124:34544, L: /78.47.171.60:5222, S: 0.0.0.0/0.0.0.0:5222) java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID at sun.security.ssl.Handshaker.checkThrown(Handshaker.java:1029) at sun.security.ssl.SSLEngineImpl.checkTaskThrown(SSLEngineImpl.java:508) at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:759) at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:727) at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) at org.apache.mina.filter.support.SSLHandler.unwrap0(SSLHandler.java:658) at org.apache.mina.filter.support.SSLHandler.unwrapHandshake(SSLHandler.java:614) at org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:493) at org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:306) at org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:392) at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299) at org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53) at org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648) at org.apache.mina.common.support.AbstractIoFilterChain$HeadFilter.messageReceived(AbstractIoFilterChain.java:499) at org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299) at org.apache.mina.common.support.AbstractIoFilterChain.fireMessageReceived(AbstractIoFilterChain.java:293) at org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:228) at org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:198) at org.apache.mina.transport.socket.nio.SocketIoProcessor.access$400(SocketIoProcessor.java:45) at org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:485) at org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110) at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603) at java.lang.Thread.run(Thread.java:636) Caused by: java.security.ProviderException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID at sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:323) at java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:673) at sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:63) at sun.security.ssl.ServerHandshaker.setupEphemeralECDHKeys(ServerHandshaker.java:991) at sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:872) at sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:801) at sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:576) at sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:170) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:610) at sun.security.ssl.Handshaker$1.run(Handshaker.java:550) at sun.security.ssl.Handshaker$1.run(Handshaker.java:548) at java.security.AccessController.doPrivileged(Native Method) at sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:969) at org.apache.mina.filter.support.SSLHandler.doTasks(SSLHandler.java:686) at org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:486) ... 16 more Caused by: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID at sun.security.pkcs11.wrapper.PKCS11.C_GenerateKeyPair(Native Method) at sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:314) ... 30 more {code} References: - http://stackoverflow.com/a/11688235/194894 - https://bugs.launchpad.net/ubuntu/+source/openjdk-6/+bug/1006776 - https://github.com/OWASP/OWASP-WebScarab/commit/52f67a76da3885213593cdf65742eeef33df87f2 I'm atm not really sure if it's an openjdk, mina, or JVM problem.

    Jive Software Open Source | 4 years ago | Florian Schmaus
    java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
  4. Speed up your debug routine!

    Automated exception search integrated into your IDE

  5. 0

    Kibana SSL connection

    GitHub | 1 year ago | YonoloX
    java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID
  6. 0

    java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID

    https://bugzilla.redhat.com/bugzilla/ | 3 years ago | Michal Haško
    java.lang.RuntimeException: sun.security.pkcs11.wrapper.PKCS11Exception: CKR_DOMAIN_PARAMS_INVALID

    Not finding the right solution?
    Take a tour to get the most out of Samebug.

    Tired of useless tips?

    Automated exception search integrated into your IDE

    Root Cause Analysis

    1. sun.security.pkcs11.wrapper.PKCS11Exception

      CKR_DOMAIN_PARAMS_INVALID

      at sun.security.pkcs11.wrapper.PKCS11.C_GenerateKeyPair()
    2. sun.security.pkcs11
      P11KeyPairGenerator.generateKeyPair
      1. sun.security.pkcs11.wrapper.PKCS11.C_GenerateKeyPair(Native Method)
      2. sun.security.pkcs11.P11KeyPairGenerator.generateKeyPair(P11KeyPairGenerator.java:314)
      2 frames
    3. Java RT
      KeyPairGenerator$Delegate.generateKeyPair
      1. java.security.KeyPairGenerator$Delegate.generateKeyPair(KeyPairGenerator.java:673)
      1 frame
    4. Java JSSE
      Handshaker$1.run
      1. sun.security.ssl.ECDHCrypt.<init>(ECDHCrypt.java:63)
      2. sun.security.ssl.ServerHandshaker.setupEphemeralECDHKeys(ServerHandshaker.java:991)
      3. sun.security.ssl.ServerHandshaker.trySetCipherSuite(ServerHandshaker.java:872)
      4. sun.security.ssl.ServerHandshaker.chooseCipherSuite(ServerHandshaker.java:801)
      5. sun.security.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:576)
      6. sun.security.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:170)
      7. sun.security.ssl.Handshaker.processLoop(Handshaker.java:610)
      8. sun.security.ssl.Handshaker$1.run(Handshaker.java:550)
      9. sun.security.ssl.Handshaker$1.run(Handshaker.java:548)
      9 frames
    5. Java RT
      AccessController.doPrivileged
      1. java.security.AccessController.doPrivileged(Native Method)
      1 frame
    6. Java JSSE
      Handshaker$DelegatedTask.run
      1. sun.security.ssl.Handshaker$DelegatedTask.run(Handshaker.java:969)
      1 frame
    7. Apache MINA SSL Filter
      SSLFilter.messageReceived
      1. org.apache.mina.filter.support.SSLHandler.doTasks(SSLHandler.java:686)
      2. org.apache.mina.filter.support.SSLHandler.handshake(SSLHandler.java:486)
      3. org.apache.mina.filter.support.SSLHandler.messageReceived(SSLHandler.java:306)
      4. org.apache.mina.filter.SSLFilter.messageReceived(SSLFilter.java:392)
      4 frames
    8. org.apache.mina
      AbstractIoFilterChain.fireMessageReceived
      1. org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
      2. org.apache.mina.common.support.AbstractIoFilterChain.access$1100(AbstractIoFilterChain.java:53)
      3. org.apache.mina.common.support.AbstractIoFilterChain$EntryImpl$1.messageReceived(AbstractIoFilterChain.java:648)
      4. org.apache.mina.common.support.AbstractIoFilterChain$HeadFilter.messageReceived(AbstractIoFilterChain.java:499)
      5. org.apache.mina.common.support.AbstractIoFilterChain.callNextMessageReceived(AbstractIoFilterChain.java:299)
      6. org.apache.mina.common.support.AbstractIoFilterChain.fireMessageReceived(AbstractIoFilterChain.java:293)
      6 frames
    9. Apache MINA Core
      SocketIoProcessor$Worker.run
      1. org.apache.mina.transport.socket.nio.SocketIoProcessor.read(SocketIoProcessor.java:228)
      2. org.apache.mina.transport.socket.nio.SocketIoProcessor.process(SocketIoProcessor.java:198)
      3. org.apache.mina.transport.socket.nio.SocketIoProcessor.access$400(SocketIoProcessor.java:45)
      4. org.apache.mina.transport.socket.nio.SocketIoProcessor$Worker.run(SocketIoProcessor.java:485)
      4 frames
    10. MINA
      NamePreservingRunnable.run
      1. org.apache.mina.util.NamePreservingRunnable.run(NamePreservingRunnable.java:51)
      1 frame
    11. Java RT
      Thread.run
      1. java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
      2. java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
      3. java.lang.Thread.run(Thread.java:636)
      3 frames