Unlimited Security (Jasypt/WebSphere) - websphere

I am trying to encrypt a few passwords in a properties file using an Ant script. When I run the Ant script I get:
java.lang.RuntimeException: Security Error in doEncrypt: org.jasypt.exceptions.EncryptionInitializationException: java.security.NoSuchAlgorithmException: PBEWithHMACSHA512AndAES_256 SecretKeyFactory not available
This is with org.jasypt.util.text.AES256TextEncryptor. So I tried to move to PooledPBEStringEncryptor, and that throws org.jasypt.exceptions.EncryptionOperationNotPossibleException.
I have this in the code for the latter:
Security.setProperty("crypto.policy", "unlimited");
pooledPBEStringEncryptor = new PooledPBEStringEncryptor();
pooledPBEStringEncryptor.setPassword(encryptionKey);
pooledPBEStringEncryptor.setAlgorithm("PBEWITHHMACSHA512AND256BITAES");
pooledPBEStringEncryptor.setPoolSize(4);
pooledPBEStringEncryptor.setSaltGenerator(new RandomSaltGenerator());
This is how I initialize the object.
I am on WebSphere 8.5.5.10 and Java 8 on a Unix system. My JDK version is:
java version "1.8.0"
Java(TM) SE Runtime Environment (build pxa6480sr3ifix-20160713_01(SR3+IX90174+IV85763))
IBM J9 VM (build 2.8, JRE 1.8.0 Linux amd64-64 Compressed References 20160713_311397 (JIT enabled, AOT enabled)
J9VM - R28_Java8_SR3_20160713_0915_B311397
JIT - tr.r14.java.green_20160329_114288
GC - R28_Java8_SR3_20160713_0915_B311397_CMPRSS
J9CL - 20160713_311397)
JCL - 20160421_01 based on Oracle jdk8u91-b14
Any advice would be nice. I searched for IBM WebSphere forums, but couldn't find any. Thanks in advance.

This may help:
How to verify the Unlimited Strength Jurisdiction Policy Files used
on local_policy.jar & US_export_policy.jar and also How to check the
list of ciphers used by IBM Java?
https://www.ibm.com/support/pages/node/1171564
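
A way to check both things from code, on the same JVM that runs the Ant script. This is an added example, not part of the original post or of Jasypt; the class name PbeSupportCheck is an assumption. It reports the maximum AES key length the policy files allow and which PBE SecretKeyFactory algorithms the installed providers register, so a missing algorithm can be told apart from a key-length policy limit.

```java
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.util.Set;
import java.util.TreeSet;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;

// Added diagnostic (hypothetical class name), not code from the question.
public class PbeSupportCheck {

    // Algorithm name copied from the exception text in the question.
    static final String WANTED = "PBEWithHMACSHA512AndAES_256";

    // Every PBE SecretKeyFactory algorithm registered by any installed provider.
    static Set<String> pbeKeyFactories() {
        Set<String> found = new TreeSet<>();
        for (Provider p : Security.getProviders()) {
            for (Provider.Service s : p.getServices()) {
                if ("SecretKeyFactory".equals(s.getType())
                        && s.getAlgorithm().toUpperCase().startsWith("PBE")) {
                    found.add(s.getAlgorithm() + " (" + p.getName() + ")");
                }
            }
        }
        return found;
    }

    // True when some provider can build keys for the named algorithm.
    static boolean available(String algorithm) {
        try {
            SecretKeyFactory.getInstance(algorithm);
            return true;
        } catch (NoSuchAlgorithmException e) {
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        // 128 means the limited policy is active; Integer.MAX_VALUE means unlimited.
        int maxAes = Cipher.getMaxAllowedKeyLength("AES");
        System.out.println("java.vendor = " + System.getProperty("java.vendor"));
        System.out.println("Max AES key length = " + maxAes
                + (maxAes < 256 ? " (limited policy: AES-256 keys rejected)" : " (unlimited)"));
        System.out.println(WANTED + " available = " + available(WANTED));
        pbeKeyFactories().forEach(a -> System.out.println("  " + a));
    }
}
```

If the wanted algorithm is absent from the printed list, changing the policy setting alone will not make it appear; the list shows which PBE algorithms this JVM can actually offer.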

Related

Why do I see wrong operating system information in the SystemOut.log of WebSphere?

This is the start of the SystemOut.log of my WAS. Why do I see the wrong operating system? I have Windows Server 2012 and not Windows Server 2008. Do you know where WebSphere takes this information from?
************ Start Display Current Environment ************
-WebSphere Platform 8.5.5.0 [ND 8.5.5.0 gm1319.01] running with process name blabla\blabla\server1 and process id 1234
-Host Operating System is Windows Server 2008, version 6.2 build 9200
-Java version = 1.6.0, Java Compiler = j9jit26, Java VM name = IBM J9 VM
-was.install.root = C:\Program Files\IBM\WASND85
-user.install.root = C:\Program Files\IBM\WASND85\profiles\AppSrv01
-Java Home = C:\Program Files\IBM\WASND85\java\jre
-ws.ext.dirs = C:\Program Files\IBM\WASND85/java/lib;C:\Program Files\IBM\WAS
-Classpath = C:\Program Files\IBM\WASND85\profiles\AppSrv01/properties;C:\Pro
-Java Library path = C:\Program Files\IBM\WASND85/lib/native/win/x86_64/;C:\P
-Orb Version = IBM Java ORB build orb626-20130112.01
************* End Display Current Environment *************
Thank you in advance!
bye
Based on my knowledge, WAS is taking the information from system property "os.name" and "os.version".
A quick way of checking is to write a quick Java test class and have it print out the result of System.getProperty("os.name").toLowerCase() and System.getProperty("os.version").toLowerCase(). Then verify whether they match the string you got from the header of the WAS log files.
The JVM pulls this information from a Windows API call (GetVersionEx). There was a change to this Windows API that required a change to the JDK in order to show the correct Windows OS name:
https://bugs.openjdk.java.net/browse/JDK-8059803
Since you are running a very old version of Java, upgrading to a later version should help.

Payara5 - payaradomain on Java 9

I'm looking for some help running Payara 5 Alpha on Java 9. The blog post "Payara Server 5 Alpha 2 release is here!" says it runs the payara domain on Java 9, but I'm still getting the java.lang.NullPointerException on AbstractModulesRegistryImpl.initializeServiceLocator -
C:\payara-5.0.0.Alpha4-20171117.004238-21\payara5\bin>java -version
java version "9.0.1"
Java(TM) SE Runtime Environment (build 9.0.1+11)
Java HotSpot(TM) 64-Bit Server VM (build 9.0.1+11, mixed mode)
C:\payara-5.0.0.Alpha4-20171117.004238-21\payara5\bin>asadmin.bat start-domain payaradomain
Exception in thread "main" java.lang.NullPointerException
at com.sun.enterprise.module.common_impl.AbstractModulesRegistryImpl.initializeServiceLocator(AbstractModulesRegistryImpl.java:152)
at com.sun.enterprise.module.common_impl.AbstractModulesRegistryImpl.newServiceLocator(AbstractModulesRegistryImpl.java:144)
at com.sun.enterprise.module.common_impl.AbstractModulesRegistryImpl.createServiceLocator(AbstractModulesRegistryImpl.java:218)
at com.sun.enterprise.module.common_impl.AbstractModulesRegistryImpl.createServiceLocator(AbstractModulesRegistryImpl.java:224)
at com.sun.enterprise.module.single.StaticModulesRegistry.createServiceLocator(StaticModulesRegistry.java:88)
at com.sun.enterprise.admin.cli.CLIContainer.getServiceLocator(CLIContainer.java:216)
at com.sun.enterprise.admin.cli.CLIContainer.getLocalCommand(CLIContainer.java:254)
at com.sun.enterprise.admin.cli.CLICommand.getCommand(CLICommand.java:231)
at com.sun.enterprise.admin.cli.AdminMain.executeCommand(AdminMain.java:370)
at com.sun.enterprise.admin.cli.AdminMain.doMain(AdminMain.java:305)
at org.glassfish.admin.cli.AsadminMain.main(AsadminMain.java:56)
Is there more to the configuration? I've checked GitHub for the Alpha2 and Alpha3 releases but can't see more information relating to this.
Thanks
Payara support for JDK 9 is still in the early stages and is not reliable. It is currently being worked on, but it will be complete by the time 5.181 is released. You can use GitHub (https://github.com/payara/Payara/issues) to report problems. You can also download the latest snapshot of Payara 5 from https://www.payara.fish/upstream_builds by scrolling down.

h2o init error without admin rights

I am trying to use the h2o package in R for the first time. My problem comes when I try to use the h2o.init() function; I get the following error message:
Error in value[[3L]](cond) :
You have a 32-bit version of Java. H2O works best with 64-bit Java.
Please download the latest Java SE JDK 7 from the following URL:
http://www.oracle.com/technetwork/java/javase/downloads/jdk7-downloads-1880260.html
In addition: Warning message:
In normalizePath(path.expand(path), winslash, mustWork) :
path[1]="C:\Program Files\Java\jre1.8.0_111\bin/bin/java.exe": El sistema no puede encontrar la ruta especificada
I have followed the solutions here and there, but I still have the same error. Things become worse since I do not have admin rights. Can anyone point me somewhere or give me some guidelines to get this solved? This is driving me crazy.
My session info is
R version 3.4.2 (2017-09-28)
Platform: x86_64-w64-mingw32/x64 (64-bit)
Running under: Windows 7 x64 (build 7601) Service Pack 1
Java version:
java version "1.8.0_131"
JAVA(TM) SE Runtime Environment (build 1.8.0_131-b11)
Java HotSpot(TM) Client VM (build 25.131-b11, mixed mode)
In your local system environment you can set the JAVA_HOME as below:
JAVA_HOME=C:\\PATH_TO_YOUR_JAVA_1.8_INSTALL
After that, you can check and confirm that your command-line environment shows 64-bit Java and that the Sys.getenv call shows the 64-bit Java 1.8 as your Java environment.
> Sys.getenv("JAVA_HOME")
[1] "/Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home"
If it is not set in R environment then you can set it as below too:
> Sys.setenv(JAVA_HOME= "/Library/Java/JavaVirtualMachines/jdk1.8.0_101.jdk/Contents/Home")
Make sure to restart R/RStudio with a clean session so that R has the updated environment. After that, when you call the h2o initialize function it will pick up the right Java to get it started.
h2o.init()

Avatar.js on SPARC

A Node.js application is working fine on Linux, Windows and Solaris. But Node.js is not working on a SPARC system because the V8 engine is not supported there.
I found an external project called Avatar, which is used to run Node.js programs in the JVM (Java Virtual Machine) using the Java 8 built-in JavaScript engine – Nashorn.
On their official site they have provided a (.so) file for Linux and a (.dll) file for Windows, which we used to compile the program. By using those files (.so & .dll) we successfully executed Node.js programs on Linux and Windows with Java 8.
I used the same Linux (.so) file to run on the SPARC platform and it throws the error below.
Error Occurred :
-bash-4.1$ java -Djava.library.path=dist -jar dist/avatar-js.jar HttpServer.js
Exception in thread "main" java.lang.UnsatisfiedLinkError: /export/home/thiru/LinuxAVatar/dist/libavatar-js.so: ld.so.1: java: fatal: /export/home/thiru/LinuxAVatar/dist/libavatar-js.so: wrong ELF data format: ELFDATA2LSB (Possible cause: endianness mismatch)
at java.lang.ClassLoader$NativeLibrary.load(Native Method)
at java.lang.ClassLoader.loadLibrary0(ClassLoader.java:1938)
at java.lang.ClassLoader.loadLibrary(ClassLoader.java:1854)
at java.lang.Runtime.loadLibrary0(Runtime.java:870)
at java.lang.System.loadLibrary(System.java:1122)
at com.oracle.libuv.LibUV.<clinit>(LibUV.java:33)
at com.oracle.avatar.js.Server.<init>(Server.java:166)
at com.oracle.avatar.js.Server.<init>(Server.java:140)
at com.oracle.avatar.js.Server.<init>(Server.java:128)
at com.oracle.avatar.js.Server.main(Server.java:122)
I have attached the basic HTTP server program in Node.js which I used to run in the JVM using Avatar.
Could you please comment on the feasibility of the points below:
1. Running Node.js on a SPARC system,
2. Is there any build of that .so file for SPARC,
3. Shall I use any other JavaScript engine instead of Nashorn on SPARC (e.g. SpiderMonkey).
Link For Official Site: https://avatar-js.java.net/
Procedure to run Avatar : http://blog.jonasbandi.net/2014/03/running-nodejs-applications-on-jvm-with.html
Version of Oracle Solaris OS : Oracle Solaris 11.3 SPARC
JAVA Version :
java version "1.8.0_60"
Java(TM) SE Runtime Environment (build 1.8.0_60-b27)
Java Hotspot(TM) 64-Bit Server VM (build 25.60-b23, mixed mode)
Thanks in Advance.
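var http = require('http');

// Minimal HTTP server that answers every request with a plain-text greeting.
var server = http.createServer(function (request, response) {
    response.writeHead(200, {"Content-Type": "text/plain"});
    response.end("Hello World\n");
});

// Log the same port the server actually listens on.
server.listen(8000);
console.log("Server running at http://127.0.0.1:8000/");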
Project Avatar from Oracle is dead.
Officially it's called "development is on hold", but... you know!
See also my blogpost about this: http://www.n-k.de/2015/02/current-status-of-oracles-project-avatar.html
The mentioned alternative "Nodyn" is also dead.
So, you have to look for another option to run node.js on your desired platform.

WAS Liberty 17.0.0.1 does not work with Watson Java SDK

The latest version of WAS Liberty Profile seems to have broken com.ibm.watson.developer_cloud:java-sdk.
I rebuilt the images for my app and got the latest version, 17.0.0.1, and the java-sdk for Watson stopped working with exception above. Any idea which tag to use in my Dockerfile to be able to rebuild the version using Liberty 16.0.0.4?
Also, how can I get this working with 17.0.0.1?
Caused by: java.net.UnknownServiceException: Unable to find acceptable protocols. isFallback=false, modes=[ConnectionSpec(cipherSuites=[TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA], tlsVersions=[TLS_1_2, TLS_1_1, TLS_1_0], supportsTlsExtensions=true), ConnectionSpec(cipherSuites=[TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256, TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA, TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA, TLS_DHE_RSA_WITH_AES_128_CBC_SHA, TLS_DHE_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_AES_128_GCM_SHA256, TLS_RSA_WITH_AES_128_CBC_SHA, TLS_RSA_WITH_AES_256_CBC_SHA, TLS_RSA_WITH_3DES_EDE_CBC_SHA], tlsVersions=[TLS_1_0], supportsTlsExtensions=true), ConnectionSpec()], supported protocols=[TLSv1]
at okhttp3.internal.ConnectionSpecSelector.configureSecureSocket(ConnectionSpecSelector.java:72)
at okhttp3.internal.io.RealConnection.connectTls(RealConnection.java:232)
at okhttp3.internal.io.RealConnection.establishProtocol(RealConnection.java:196)
at okhttp3.internal.io.RealConnection.buildConnection(RealConnection.java:171)
at okhttp3.internal.io.RealConnection.connect(RealConnection.java:111)
at okhttp3.internal.http.StreamAllocation.findConnection(StreamAllocation.java:187)
at okhttp3.internal.http.StreamAllocation.findHealthyConnection(StreamAllocation.java:123)
at okhttp3.internal.http.StreamAllocation.newStream(StreamAllocation.java:93)
at okhttp3.internal.http.HttpEngine.connect(HttpEngine.java:296)
at okhttp3.internal.http.HttpEngine.sendRequest(HttpEngine.java:248)
at okhttp3.RealCall.getResponse(RealCall.java:243)
at okhttp3.RealCall$ApplicationInterceptorChain.proceed(RealCall.java:201)
at okhttp3.RealCall.getResponseWithInterceptorChain(RealCall.java:163)
at okhttp3.RealCall.execute(RealCall.java:57)
at com.ibm.watson.developer_cloud.service.WatsonService$1.execute(WatsonService.java:179)
... 53 more
Edit: I have tried adding the system property as explained here:
https://www.ibm.com/support/knowledgecenter/SSYKE2_7.0.0/com.ibm.java.security.component.70.doc/security-component/jsse2Docs/matchsslcontext_tls.html
And I check ps in my docker instance to see that JDK has the property correctly configured:
root#apiqa:/# ps xuww
USER PID %CPU %MEM VSZ RSS TTY STAT START TIME COMMAND
root 1 4.9 9.4 8512396 3131596 ? Ssl 17:35 10:32 /opt/ibm/java/jre/bin/java -javaagent:/opt/ibm/wlp/bin/tools/ws-javaagent.jar -Djava.awt.headless=true -Xms950m -Xmx3500m -Dcom.ibm.jsse2.overrideDefaultTLS=true -jar /opt/ibm/wlp/bin/tools/ws-server.jar defaultServer
But the problem is not solved with that. Am I not configuring Liberty profile to get the system property so JDK executes with -D ? (I use jvm.properties file)
This is a known issue due to a change in the IBM JDK.
We are working on it (see this).
The workaround is to use an old buildpack for liberty or a different JDK.
Use cf push -b liberty-for-java_v3_7-20170118-2046 to use a liberty version that works with the SDK.
You can also change to OpenJDK by running:
cf set-env myapp JVM 'openjdk'
More information here
My team ran into this issue as well. I'm not 100% sure but we came to the conclusion that Liberty 17.0.0.1 is using Java 8 which we believe no longer supports TLS 1.0. You can see that the service you are trying to connect to only supports TLS 1.0:
"supported protocols=[TLSv1]"
It seems that some of the Bluemix services have moved up to TLS 1.1 and some haven't. TLS 1.0 is evidently not very secure so I'm not positive but I believe that Java 8 no longer supports TLS 1.0. This means either the Bluemix service will need to upgrade to TLS 1.1 or you'll need to run Liberty on a previous version of the JVM.
I solved this issue by setting OpenJDK 1.8 on the Liberty instance, just by setting the env variable JBP_CONFIG_OPENJDK.
In my case, it was also important to set memory_sizes to overcome an OutOfMemory error related to the use of OpenJDK.
$ cf set-env myapp JBP_CONFIG_OPENJDK '[version: 1.8.+, memory_sizes: { metaspace: 256m }]'
For complete reference https://console.ng.bluemix.net/docs/runtimes/liberty/customizingJRE.html
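
OkHttp's ConnectionSpec is matched against the protocols and cipher suites enabled on the client socket, and both can be printed directly from the JVM inside the container. This is an added example, not code from the thread, OkHttp or the Watson SDK; the class name TlsDefaultsCheck is an assumption and REQUESTED is a subset of the suites listed in the exception above.

```java
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLParameters;

// Added diagnostic (hypothetical class name): run it with the JVM that runs Liberty.
public class TlsDefaultsCheck {

    // Subset of the cipher suites OkHttp requested, copied from the exception text.
    static final List<String> REQUESTED = Arrays.asList(
            "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256",
            "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_RSA_WITH_AES_128_GCM_SHA256",
            "TLS_RSA_WITH_AES_128_CBC_SHA");

    // Names present in both lists, in the order of 'wanted' (exact string match).
    static List<String> intersect(List<String> wanted, String[] enabled) {
        List<String> out = new ArrayList<>(wanted);
        out.retainAll(Arrays.asList(enabled));
        return out;
    }

    // Print what a client socket created from this context enables by default.
    static void report(String label, SSLContext ctx) {
        SSLParameters p = ctx.getDefaultSSLParameters();
        System.out.println(label + " (provider " + ctx.getProvider().getName() + ")");
        System.out.println("  enabled protocols: " + Arrays.toString(p.getProtocols()));
        System.out.println("  requested suites also enabled: "
                + intersect(REQUESTED, p.getCipherSuites()));
    }

    public static void main(String[] args) throws Exception {
        // Property from the question; null means it did not reach this JVM.
        System.out.println("com.ibm.jsse2.overrideDefaultTLS = "
                + System.getProperty("com.ibm.jsse2.overrideDefaultTLS"));
        report("default context", SSLContext.getDefault());

        SSLContext tls12 = SSLContext.getInstance("TLSv1.2");
        tls12.init(null, null, null); // default key managers, trust managers and RNG
        report("explicit TLSv1.2 context", tls12);
    }
}
```

An empty intersection or a protocol list without TLSv1.2 on the default context shows which side of the comparison fails before any workaround is chosen.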
