Websphere - RSA premaster secret error , Illegal key size or default parameter

When i used signer with strong RSA key greater than 2048 bits on my Websphere 6.1 ( i did not test it on newer version) ,  i get the next exception  - see below.


its looks like websphere 6.1 could not handle stronger cryptography greater than 2048bits, and you need to expand/enhance websphere to allow for it to work with RSA keys greather than 2048.


to fix such behavior,  install the unrestricted policy files following the next steps:
 - Make a backup of the current policy files: local_policy.jar and      
US_export_policy.jar located at "jre\lib\security". The files should be
backed up outside of classpath.                                        
- Remove the current policy files from "jre\lib\security" completely.  
Renaming is not enough.                                                
- Download the unrestricted policy files from                          
https://www14.software.ibm.com/webapp/iwm/web/preLogin.do?source=jcesdk
- Copy the new policy files to "jre\lib\security"                      
- Restart WAS/APP/JVM and verify the results                            


good luck 
Yaniv Tzanany



this is the exception when you used the default setting and try to work with RSA grater than 2048 under webspehere:


javax.net.ssl.SSLKeyException: RSA premaster secret error
   at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
   at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:83)
   at org.apache.axis2.transport.http.AxisRequestEntity.writeRequest(AxisRequestEntity.java:84)
   at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:499)
   at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2114)
   at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
   at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
   at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)


Caused by: com.ctc.wstx.exc.WstxIOException: Connection has been shutdown: javax.net.ssl.SSLKeyException: RSA premaster secret error
   at com.ctc.wstx.sw.BaseStreamWriter.finishDocument(BaseStreamWriter.java:1692)
   at com.ctc.wstx.sw.BaseStreamWriter.close(BaseStreamWriter.java:288)
   at org.apache.axiom.util.stax.wrapper.XMLStreamWriterWrapper.close(XMLStreamWriterWrapper.java:46)
   at org.apache.axiom.om.impl.MTOMXMLStreamWriter.close(MTOMXMLStreamWriter.java:174)
   at org.apache.axiom.om.impl.llom.OMSerializableImpl.serializeAndConsume(OMSerializableImpl.java:197)
   at org.apache.axis2.transport.http.SOAPMessageFormatter.writeTo(SOAPMessageFormatter.java:79)
   ... 79 more
Caused by: javax.net.ssl.SSLException: Connection has been shutdown: javax.net.ssl.SSLKeyException: RSA premaster secret error
   at com.ibm.jsse2.jc.i(jc.java:211)
   at com.ibm.jsse2.jc.j(jc.java:399)
   at com.ibm.jsse2.j.write(j.java:19)
   at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:88)
   at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:146)
   at org.apache.commons.httpclient.ChunkedOutputStream.flush(ChunkedOutputStream.java:191)
   at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:99)
   at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:214)
   at com.ctc.wstx.sw.BufferingXmlWriter.close(BufferingXmlWriter.java:194)
   at com.ctc.wstx.sw.BaseStreamWriter.finishDocument(BaseStreamWriter.java:1690)
   ... 84 more
Caused by: javax.net.ssl.SSLKeyException: RSA premaster secret error
   at com.ibm.jsse2.cb.(cb.java:57)
   at com.ibm.jsse2.eb.a(eb.java:192)
   at com.ibm.jsse2.eb.a(eb.java:114)
   at com.ibm.jsse2.db.m(db.java:208)
   at com.ibm.jsse2.db.a(db.java:259)
   at com.ibm.jsse2.jc.a(jc.java:271)
   at com.ibm.jsse2.jc.g(jc.java:403)
   at com.ibm.jsse2.jc.a(jc.java:401)
   at com.ibm.jsse2.j.write(j.java:10)
   at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:88)
   at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:146)
   at org.apache.commons.httpclient.ChunkedOutputStream.flush(ChunkedOutputStream.java:191)
   at com.ctc.wstx.io.UTF8Writer.flush(UTF8Writer.java:99)
   at com.ctc.wstx.sw.BufferingXmlWriter.flush(BufferingXmlWriter.java:214)
   at com.ctc.wstx.sw.BaseStreamWriter.flush(BaseStreamWriter.java:311)
   at org.apache.axiom.util.stax.wrapper.XMLStreamWriterWrapper.flush(XMLStreamWriterWrapper.java:50)
   at org.apache.axiom.om.impl.MTOMXMLStreamWriter.flush(MTOMXMLStreamWriter.java:184)
   at org.apache.axis2.databinding.utils.writer.MTOMAwareXMLSerializer.flush(MTOMAwareXMLSerializer.java:79)
   at org.apache.axis2.databinding.ADBDataSource.serialize(ADBDataSource.java:94)
   at org.apache.axiom.om.impl.llom.OMSourcedElementImpl.internalSerialize(OMSourcedElementImpl.java:691)
   at org.apache.axiom.om.impl.llom.OMElementImpl.internalSerialize(OMElementImpl.java:965)
   at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.serializeInternally(SOAPEnvelopeImpl.java:283)
   at org.apache.axiom.soap.impl.llom.SOAPEnvelopeImpl.internalSerialize(SOAPEnvelopeImpl.java:245)
   at org.apache.axiom.om.impl.llom.OMSerializableImpl.serializeAndConsume(OMSerializableImpl.java:193)
   ... 80 more
Caused by: java.security.InvalidKeyException: Illegal key size or default parameters
   at javax.crypto.Cipher.a(Unknown Source)
   at javax.crypto.Cipher.a(Unknown Source)
   at javax.crypto.Cipher.a(Unknown Source)
   at javax.crypto.Cipher.init(Unknown Source)   at com.ibm.jsse2.cb.(cb.java:8)                                                    

getting JDBC version

this is the way to get the jdbc extra version


Connection conn = DriverManager.getConnection(connectionString,m_connectionProperties);
DatabaseMetaData dbmd = conn.getMetaData();

   System.out.println("DriverName: " + dbmd.getDriverName() );
   System.out.println("DriverVersion: " + dbmd.getDriverVersion() );
   System.out.println("DriverMajorVersion: " + dbmd.getDriverMajorVersion() );
   System.out.println("DriverMinorVersion: " + dbmd.getDriverMinorVersion() );

how to get the jar file location for specific loaded class

this how to get the jar file location for specific class


   try {
File jarFile = new File(CLASS_NAME.class.getProtectionDomain().getCodeSource().getLocation().toURI());
} catch (URISyntaxException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}

Yaniv T

URL rewriting using ASP.NET routing

very good sample to use the routing way within asp.net 3.5

URL rewriting using ASP.NET routing

in may case when i tried to implement it in the same way , i needed to add into my web.config file the next line in httpModules section , other wise i could not make it work properly.
<add name="RoutingModule" type="System.Web.Routing.UrlRoutingModule,System.Web.Routing,Version=3.5.0.0, Culture=neutral,PublicKeyToken=31bf3856ad364e35"/>

now we can add extra SEO :)

Yaniv Tzanany

Java patterns for MQ Series Clients

looks interesting
Java patterns for MQ Series Clients

Use gSOAP to consume J2EE Web services created by WSAD through HTTP and HTTPS

Use gSOAP as a C/C++ Web services stack to consume Java™ 2 Platform, Enterprise Edition (J2EE) Web services through HTTP and HTTPS.

very good tutorial

Use gSOAP to consume J2EE Web services created by WSAD through HTTP and HTTPS

enjoy

yaniv Tzanany

The Function Pointer Tutorials - C++

its nice to get remember the beauty of c++

The Function Pointer Tutorials

I love this patterns

The Function Pointer Tutorials - Functors

goodluck in the interview :)

Yaniv Tzanany

Graph API Explorer

Introducing the Graph API Explorer - Facebook Developers

amazon API - notes

access to node
http://www.amazon.com/exec/obidos/tg/browse/-/[Browse Node ID]
e.g.
http://www.amazon.com/exec/obidos/tg/browse/-/11060901

The BrowseNodes response group returns the browse node that an item belongs to as well as the ancestry
of that browse node.
Note: If a browse node has multiple ancestors, only one of them is returned in the response.(no logic wghich one will return)
You can use the BrowseNodes response group with ItemLookup, ItemSearch, and SimilarityLookup.

The BrowseNodeInfo response group returns browse node names, IDs, children and parent browse nodes
You can use the BrowseNodeInfo response group only with BrowseNodeLookup.
Note: If a browse node has multiple ancestors, only one of them is returned in the response.

In contrast, BrowseNodeLookup only returns child browse nodes that are the direct descendant of the browse node in the request.

item sort keys by language
http://docs.amazonwebservices.com/AWSECommerceService/latest/DG/index.html?CASortValuesArticle.html

The following module was built either with optimizations enabled or without debug information

The following module was built either with optimizations enabled or without debug information + Silverlight

Xerces Serialize XML data and encoding

the next code works fine on Xerces 2.6 - helper function to convert bytes  to utf8 format.

void convertToUTF8(const XMLCh* buffer, CString &utf8_string)

{

XMLTranscoder* utf8Transcoder;

XMLTransService::Codes failReason;

utf8Transcoder = XMLPlatformUtils::fgTransService->makeNewTranscoderFor("UTF-8", failReason, 16*1024);

size_t len = XMLString::stringLen(buffer);

XMLByte* utf8 = new XMLByte[(len*MB_LEN_MAX)+1];

unsigned int eaten;

unsigned int utf8Len = utf8Transcoder->transcodeTo((buffer), len, utf8, len*MB_LEN_MAX, eaten, XMLTranscoder::UnRep_Throw);

utf8[utf8Len] = '\0';

utf8_string = (char*)utf8;

delete[] utf8;

delete utf8Transcoder;

}
good article 

Serialize XML data