记录一次修复windows中java项目报java.lang.RuntimeException:java.security.NoSuchAlgorithmExce ption: EC AlgorithmParameters not available的问题
问题描述
在windows server 2012中安装 jdk-8u241 和tomcat后启动项目是抛出异常
Caused by: java.lang.RuntimeException: java.security.NoSuchAlgorithmException: EC AlgorithmParameters not available at sun.security.util.ECUtil.getECParameters(ECUtil.java:95) at sun.security.util.ECUtil.getECParameterSpec(ECUtil.java:144) at sun.security.ssl.JsseJce.getECParameterSpec(JsseJce.java:373) at sun.security.ssl.HandshakeMessage$ECDH_ServerKeyExchange.<init>(HandshakeMessage.java:1066) at sun.security.ssl.ClientHandshaker.processMessage(ClientHandshaker.java:300) at sun.security.ssl.Handshaker.processLoop(Handshaker.java:1037) at sun.security.ssl.Handshaker.process_record(Handshaker.java:965) at sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:1064) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(SSLSocketImpl.java:1367) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:1395) ... 81 more Caused by: java.security.NoSuchAlgorithmException: EC AlgorithmParameters not available at sun.security.jca.GetInstance.getInstance(GetInstance.java:159) at java.security.Security.getImpl(Security.java:697) at java.security.AlgorithmParameters.getInstance(AlgorithmParameters.java:146) at sun.security.util.ECUtil.getECParameters(ECUtil.java:93) ... 90 more
解决过程
1. 尝试更换最新版本的jdk
首先卸载当前版本jdk,并且下载安装最新版( jdk-8u451 ),然后将环境变量中的 JAVA_HOME 更新到新版本的位置。
然后尝试启动tomcat后发现抛出另一个异常
Caused by: java.lang.RuntimeException: Could not generate ECDH keypair at sun.security.ssl.ECDHKeyExchange$ECDHEPossession.<init>(ECDHKeyExchange.java:116) at sun.security.ssl.SSLKeyExchange$T13KeyAgreement.createPossession(SSLKeyExchange.java:615) at sun.security.ssl.SSLKeyExchange.createPossessions(SSLKeyExchange.java:88) at sun.security.ssl.KeyShareExtension$CHKeyShareProducer.produce(KeyShareExtension.java:265) at sun.security.ssl.SSLExtension.produce(SSLExtension.java:563) at sun.security.ssl.SSLExtensions.produce(SSLExtensions.java:252) at sun.security.ssl.ClientHello$ClientHelloKickstartProducer.produce(ClientHello.java:553) at sun.security.ssl.SSLHandshake.kickstart(SSLHandshake.java:509) at sun.security.ssl.ClientHandshakeContext.kickstart(ClientHandshakeContext.java:115) at sun.security.ssl.TransportContext.kickstart(TransportContext.java:257) at sun.security.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.java:410) ... 81 more Caused by: java.security.NoSuchAlgorithmException: EC KeyPairGenerator not available at java.security.KeyPairGenerator.getInstance(KeyPairGenerator.java:218) at sun.security.ssl.JsseJce.getKeyPairGenerator(JsseJce.java:241) at sun.security.ssl.ECDHKeyExchange$ECDHEPossession.<init>(ECDHKeyExchange.java:108) ... 91 more
2. 为jdk添加BouncyCastle
首先下载对应jdk版本的BouncyCastle包 https://www.bouncycastle.org/latest_releases.html,并将下载好的jar包放入 %JAVA_HOME%\jre\lib\ext 目录中。
需要下载的jar包如下:
- bcprov-jdk18on-1.80.jar (必要)
- bcpkix-jdk18on-1.80.jar (可选)
- bcutil-jdk18on-1.80.jar (可选)
- bctls-jdk18on-1.80.jar (可选)
然后配置 %JAVA_HOME%\jre\lib\security\java.security 文件。
在文件中找到 security.provider. ,并且在他的最后一行增加 security.provider.n=org.bouncycastle.jce.provider.BouncyCastleProvider 。
如我的这段配置如下:
security.provider.1=sun.security.provider.Sun security.provider.2=sun.security.rsa.SunRsaSign security.provider.3=sun.security.ec.SunEC security.provider.4=com.sun.net.ssl.internal.ssl.Provider security.provider.5=com.sun.crypto.provider.SunJCE security.provider.6=sun.security.jgss.SunProvider security.provider.7=com.sun.security.sasl.Provider security.provider.8=org.jcp.xml.dsig.internal.dom.XMLDSigRI security.provider.9=sun.security.smartcardio.SunPCSC security.provider.10=sun.security.mscapi.SunMSCAPI security.provider.11=org.bouncycastle.jce.provider.BouncyCastleProvider
3. 配置tomcat
在 %CATALINA_HOME%\bin 目录中编辑(如没有则新建) setenv.bat 文件,在其中增加如下内容
set JAVA_OPTS=%JAVA_OPTS% -Djava.library.path=%JAVA_HOME%\jre\bin -Djava.security.properties=%JAVA_HOME%\jre\lib\security\java.security
再尝试启动tomcat发现已可以正常启动。
至此问题解决。
浙公网安备 33010602011771号