VOOZH about

URL: https://www.ibm.com/support/pages/apar/IJ46193

⇱ IJ46193: SSLCONTEXT.GETINSTANCE FAILURES CAUSE JAVA.LANG.EXCEPTIONININITIALIZERERROR

IJ46193: SSLCONTEXT.GETINSTANCE FAILURES CAUSE JAVA.LANG.EXCEPTIONININITIALIZERERROR

APAR status

  • Closed as program error.

Error description

  • Error Message: N/A
.
Stack Trace: java.lang.ExceptionInInitializerError
 at
java.lang.J9VMInternals.ensureError(J9VMInternals.java:157)
 at
java.lang.J9VMInternals.recordInitializationFailure(J9VMInternal
s.java:146)
 at java.lang.Class.forNameImpl(Native Method)
 at java.lang.Class.forName(Class.java:339)
 at
java.security.Provider$Service.getImplClass(Provider.java:1645)
 at
java.security.Provider$Service.newInstance(Provider.java:1603)
 at
sun.security.jca.GetInstance.getInstance(GetInstance.java:248)
 at
sun.security.jca.GetInstance.getInstance(GetInstance.java:176)
 at
javax.net.ssl.SSLContext.getInstance(SSLContext.java:29)
 at SSLContextBreaker.main(SSLContextBreaker.java:24)
Caused by: java.lang.IllegalArgumentException: No cryptographic
provider to support protocol TLSv1.3
 at com.ibm.jsse2.m.a(m.java:96)
 at com.ibm.jsse2.bf$l.<clinit>(bf$l.java:5)
 ... 8 more
.

Local fix



Problem summary


    

  • SSLContext.getInstance when alias is not compatible with
configuration for FIPS 140-3, FIPS 140-2, Suite B or SP800-131a,
a java.lang.ExceptionInInitializerError is thrown.



Problem conclusion


    

  • The JSSE jar has been updated to remove the
java.lang.ExceptionInInitializerError. If there is any
incompatibility between FIPS 140-2, FIPS 140-3, Suite B or
SP800-131 and the algorithm specified in the
SSLContext.getInstance, a KeyManagementException will be thrown
in the sslContext.init. There is no ability to throw the
exception in the SSLContext.getInstance.
Binary affected - ibmjsseprovider2.jar
GIT Issue - #254
RTC - 148100
Build - 8.0 build_20230328--636
Build - FIPS140-3 Tech Preview - 8.0 build_20230328--637
JVM to be delivered in - JDK 8 SR8FP5
.
This APAR will be fixed in the following Releases:
.
IBM SDK, Java Technology Edition
 8 SR8 FP5 (8.0.8.5)
.
Contact your IBM Product's Service Team for these Service
Refreshes and Fix Packs.
For those running stand-alone, information about the available
maintenance can be found at:
 https://www.ibm.com/support/pages/java-sdk



Temporary fix


    



Comments


    



APAR Information




    

  • APAR number
    IJ46193
    • 

  • Reported component name
    SECURITY
    • 

  • Reported component ID
    620700125
    • 

  • Reported release
    270
    • 

  • Status
    CLOSED PER
    • 

  • PE
    NoPE
    • 

  • HIPER
    NoHIPER
    • 

  • Special Attention
    NoSpecatt / Xsystem
    • 

  • Submitted date
    2023-03-29
    • 

  • Closed date
    2023-06-29
    • 

  • Last modified date
    2023-06-29
    • 





    

  • APAR is sysrouted FROM one or more of the following:
    

    • 

  • APAR is sysrouted TO one or more of the following:
    

    • 



Fix information


    

  • Fixed component name
    SECURITY
    • 

  • Fixed component ID
    620700125
    • 



Applicable component levels







 
 
 
 

 [{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SSNVBF","label":"Runtimes for Java Technology"},"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"270","Line of Business":{"code":"LOB36","label":"IBM Automation"}}]
 

 

 
 
 

 

 

 

 

 

 
Document Information


 

 

 Modified date:
 

 30 June 2023