[prev in list] [next in list] [prev in thread] [next in thread]
List: james-user
Subject: Re: TLS/SSL problems Solved!
From: david garvey <dgarvey () collab ! net>
Date: 2011-07-19 20:09:00
Message-ID: 4E25E45C.7070508 () collab ! net
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
That is great news... Fedora/Redhat has the same issues:
[dgarvey@dgarvey .ssh]$ ls -l /etc/alternatives/jre
lrwxrwxrwx 1 root root 29 Mar 10 12:25 /etc/alternatives/jre -> \
/home/dgarvey/jdk1.6.0_21/jre [dgarvey@dgarvey .ssh]$
On 07/19/2011 12:40 PM, Marc Chamberlin wrote:
> Thanks David for your reply... You were sorta right... Actually
> openSuSE is screwed up when it comes to changing the Java installation
> (I went from openJDK_x64 to the Sun_X32 version. OpenSuSE uses a lot of
> links in /etc/alternatives to point at the correct version of Java
> things, which in turn get used by a lot of scripts) Most of these links
> were broken after the change over and I had to go through and correct
> them all by had. Additionally, openSuSE left a lot of files, dirs, and
> links in the /usr/lib64/jvm install directory which further confused a
> number of scripts and cause them to mis-set environment variables...
> Cleaning up all this mess, made James a happy camper again...
>
> I am continuing to try and get James installed in Eclipse so I can see
> what is going on within some of my mail lists that I support... Spam and
> in particular bounce messages are getting through and I am trying to
> figure out why... Also the built in Bayesian filters is now catching
> legit emails and I need a way to correct the filter since these get
> dropped into a special spam repository before I get a chance to reteach
> the filter that these are in fact legit....
>
> Marc..
>
>
>
> On 7/18/2011 5:26 PM, david garvey wrote:
> > Marc,
> >
> > It looks like the new install is missing the crypto stuff?
> >
> > http://fandry.blogspot.com/2011/06/problem-initializing-class.html
> >
> > I also checked the content of the content of the jar file
> > ./Java/jre6/lib/jce.jar which should
> > contain the missing class in question: javax.crypto.SunJCE_b
> >
> > On 07/18/2011 09:23 AM, Marc Chamberlin wrote:
> > > On 7/18/2011 12:10 AM, Eric Charles wrote:
> > > > Hi Marc,
> > > >
> > > > Why do you go to x32 and not x64?
> > > Thanks Eric for replying... I couldn't get Eclipse to work under
> > x64 so
> > > was advised to use the x32 bit version of Java instead. I want to bring
> > > James up in Eclipse so I can better understand and debug it when I
> > > encounter problems and try to better handle spam/bounce notifications
> > > about attempts being made to break into some mail lists that I
> > host.....
> > > >
> > > > Also, http://wiki.apache.org/james/UsingSSL says you need to
> > > > add/configure bouncycastle. I don't think it will help with the
> > > > NoClassDefFoundError, but I would give it a try.
> > > I will look into this further and see if I need to do anything to
> > handle
> > > the x32 bit version of Java, otherwise I am surprised if I need to do
> > > anything that I have not already done, since I had SSL working fine
> > > before I switched to x32 Java....
> >
> > > Marc...
> > > >
> > > > Thx.
> > > >
> > > > On 18/07/11 08:45, Marc Chamberlin wrote:
> > > > > I recently had to change the JAVA vm on my server from
> > > > > java-1_6_0-openJDK_X64 to java-1_6_0-sun_586 (x32) and restarted
> > James
> > > > > 2.3.2 under the new runtime environment. Before this switch, James
> > > > > worked fine, but afterwords whenever a client such as Thunderbird
> > tries
> > > > > to connect I am getting the following sort of error when using
> > TLS/SSL
> > > > > connections -
> > > > >
> > > > > An error occurred during a connection to mail.mydomain.com:995.
> > > > >
> > > > > Cannot communicate securely with peer: no common encryption
> > > > > algorithm(s).
> > > > >
> > > > > (Error code: ssl_error_no_cypher_overlap)
> > > > >
> > > > >
> > > > > Looking in the James logs files I found this stack walkback in the
> > > > > connections log file - (I am guessing it is related?)
> > > > >
> > > > > marc@bigbang:/james/james-2.3.2/apps/james/logs> cat
> > > > > connections-2011-07-17-21-52.log
> > > > > 17/07/11 21:54:16 ERROR connections: Error handling connection
> > > > > java.lang.NoClassDefFoundError: Could not initialize class
> > > > > javax.crypto.SunJCE_b
> > > > > at javax.crypto.Cipher.getInstance(DashoA13*..)
> > > > > at java.security.Signature$Delegate.newInstance(Signature.java:932)
> > > > > at
> > java.security.Signature$Delegate.chooseProvider(Signature.java:1032)
> > > > > at
> > java.security.Signature$Delegate.engineInitSign(Signature.java:1106)
> > > > > at java.security.Signature.initSign(Signature.java:498)
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.RSASignature.engineInitSign(RSASignature.java:108)
> >
> > > > >
> > > > >
> > > > > at java.security.Signature$Delegate.init(Signature.java:1076)
> > > > > at
> > java.security.Signature$Delegate.chooseProvider(Signature.java:1033)
> > > > > at
> > java.security.Signature$Delegate.engineInitSign(Signature.java:1106)
> > > > > at java.security.Signature.initSign(Signature.java:498)
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.HandshakeMessage$DH_ServerKeyExchange.<init>(HandshakeMessage.java:721)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.ServerHandshaker.clientHello(ServerHandshaker.java:678)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.ServerHandshaker.processMessage(ServerHandshaker.java:151)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593)
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:529)
> >
> > > > >
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:893)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1138)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(SSLSocketImpl.java:632)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > com.sun.net.ssl.internal.ssl.AppOutputStream.write(AppOutputStream.java:59)
> >
> > > > >
> > > > > at
> > > > >
> > java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
> > > > > at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
> > > > > at sun.nio.cs.StreamEncoder.implFlush(StreamEncoder.java:278)
> > > > > at sun.nio.cs.StreamEncoder.flush(StreamEncoder.java:122)
> > > > > at java.io.OutputStreamWriter.flush(OutputStreamWriter.java:212)
> > > > > at java.io.BufferedWriter.flush(BufferedWriter.java:236)
> > > > > at java.io.PrintWriter.flush(PrintWriter.java:276)
> > > > > at
> > > > >
> > org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:92)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > org.apache.james.util.InternetPrintWriter.println(InternetPrintWriter.java:189)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > org.apache.james.pop3server.POP3Handler.handleConnection(POP3Handler.java:274)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > org.apache.james.util.connection.ServerConnection$ClientConnectionRunner.run(ServerConnection.java:432)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > org.apache.excalibur.thread.impl.ExecutableRunnable.execute(ExecutableRunnable.java:55)
> >
> > > > >
> > > > >
> > > > > at
> > > > >
> > org.apache.excalibur.thread.impl.WorkerThread.run(WorkerThread.java:116)
> > > > >
> > > > > I didn't change any of the James configuration files, so anyone
> > got any
> > > > > ideas about what has gone wrong and what I have to do to fix?
> > Going back
> > > > > to the openJDK_X64 runtime environment would be a real PITA...
> > > > >
> > > > > Marc...
> > > > >
> > > > >
> > > > > ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> > > > > For additional commands, e-mail: server-user-help@james.apache.org
> > > > >
> > > >
> > > >
> >
> >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> > > For additional commands, e-mail: server-user-help@james.apache.org
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> > For additional commands, e-mail: server-user-help@james.apache.org
> >
> >
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
> For additional commands, e-mail: server-user-help@james.apache.org
>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iQEcBAEBAgAGBQJOJeRbAAoJECBbzNW7hzr4n8kH/0HIfydxGY6E3DAsRwvRP6je
PTnTHsj1eqgoarAtJC/PsZ40Y6ZaCfoEA9cwH6G/XNVZCWsfoOnwfk1cBKuYPG/P
0q8zKJcV3wswvX/bm1LQQX1DrNUtQ5FzTu26d8DFV5kZrwGa5+nXi+DgLeY/7aVj
I6vcgKdS8AlCgNBvrUY6VrhJflBL169rBnA1h0j7kfMjlPlmZUOArl86qjGQb9oP
fbzHHATh8QMcvjvq24g44Aw+B5w0DsFWtPexyVYiwrUNOQffrUWw1WiYmA/C7dWA
UFScDzwSLzpprgdaC/dO+d7V8ObWCW7IC6AMA/7cAa17uFFi0eFqeVoWwDhJXQ8=
=RK+W
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
To unsubscribe, e-mail: server-user-unsubscribe@james.apache.org
For additional commands, e-mail: server-user-help@james.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic